Senior Audit Compliance Analyst

Come join a higher calling and find a deeper purpose!   

As a multi-national Artificial Intelligence Technology Company, we are at the epicenter of the Autonomous Vehicle Universe. Our breakthroughs are leading the industry in autonomous trucking.  

While inventing the framework of Autonomous Driving, our current fleet of autonomous Trucks are helping communities receive much-needed supplies and medical equipment around the clock.  Our people are some of the most talented engineers and contributors who are leaving behind a historic legacy.  

TuSimple was founded in 2015 with the goal of bringing the top minds in the world together to achieve the dream of a driverless truck solution. With a foundation in computer vision, algorithms, mapping, and Artificial Intelligence, TuSimple is working to create the first global commercially viable autonomous truck driving platform!

Job Overview

TuSimple’s Audit Compliance Analyst, a member of our Information Security office, will work with stakeholders across the business to design and implement a continuous monitoring program to ensure that we are consistently following operating procedures, which faithfully execute our policies. This position will play a primary role in guiding our business through compliance audits and leading efforts to execute corrective action plans. 

Acting as a champion for Information Security, the Information Security Analyst II is a strong InfoSec advocate and helps promote information security awareness across the organization. The incumbent employs a proactive mindset but is also highly responsive when required to be reactive. They find gaps, solve problems, thrive under pressure, and have an unrelenting drive to achieve and maintain optimal levels of security.

Opportunity, Responsibilities, & Mission

• Research regulations by reviewing regulatory bulletins and other sources of information.
• Keeps other departments abreast of requirements by researching regulatory and filing information; writing and communicating guidelines
• Establishes tools and processes for documenting evidence of regular compliance with TuSimple policies and procedures to ensure that our business is continuously performing activities and producing documentation to pass security, privacy (GDPR, CCPA), and other compliance audits
• Trains other departments in documenting evidence of regular compliance with TuSimple policies and procedures
• Prepares reports by collecting, analyzing, and summarizing information
• Maintains rapport with regulatory personnel by arranging continuing contacts; resolving concerns.
• Maintains professional and technical knowledge by attending educational workshops; reviewing professional publications; establishing personal networks; benchmarking state-of-the-art practices; participating in professional societies
• Assist in plan and design the compliance audit strategy and program
• Work with the key compliance stakeholders to identify and remediate emerging issues and non-compliant issues, updating the audit strategy and program appropriately and timely
• Understand company’s compliance policies/procedures and applicable laws/regulations
• Assist in investigation of suspected or potential non-compliant activity
• Work with departments within the business to create corrective action plans to address audit findings. 
• Maintain the strict confidentiality of sensitive information
• Perform other duties and projects (i.e. SOX reviews) as may be necessary and assigned
• Assist the organization in developing training programs to ensure adherence with compliance standards.

Experience & Skills - Required

• Bachelor’s degree 
• Minimum of 6 years of related working experience
• Direct experience with SOC2 compliance
• Direct experience with SOX compliance
• Direct experience with audits of a publicly traded company a plus
• Strong working knowledge  of SOC2 Type 2 compliance practices
• Strong working knowledge of SOX compliance practices
• Strong history of authoring policies and procedures to meet regulatory standards
• Well developed skills that enable effective risk and issue detection, assessment and resolution
• Strong history of conducting routine monitoring and auditing practices to ensure effective adherence to policy and procedures.  
• Working knowledge of industry standard cybersecurity practices 
• Proficient in Google Drive and Microsoft Office  products. Advanced spreadsheet skills
• Excellent verbal and written communication and organizational skills
• Able to multitask, work under pressure in a fast-paced environment, and meet deadlines
• High level of attention to detail
• Ability to work independently with limited required direction and guidance
• CISM, CISA, Security +, or other professional auditing or cybersecurity certifications are desired.  

Behavioral Skills

• Natural problem solver; analytical and oriented towards diagnosis and remediation.
• Creative and proactive thinker; can generate endless “what-if” scenarios and anticipate possible issues before they arise.
• High sense of urgency; self-starter, highly responsive, and able to work and deliver in a fast-paced stream-alignment environment.
• Driven to learn and a commitment to keeping current with best practices and emerging industry trends in a quickly evolving sector.
• Intellectually curious with a strong bias to action. Driven to understand and collaborate with multiple stakeholders, able understand and interpret stakeholder needs - translating needs into clear objectives.
• Analytical, judgment, persuasion and consensus building abilities where there are competing interests.
• Strong interpersonal, oral, and written communication skills. Capable of listening and obtaining clarification, changing  approach or method to best fit the situation. Able to effectively partner with cross-functional teams to coordinate activities and accomplish goals.
• Highly organized with a proven ability to maintain excellent attention to detail and accuracy.
• Demonstrated experience building and improving processes and promoting quality.
• Strong organizational skills, ability to coordinate multiple tasks and support projects of varying complexity in parallel within tight deadlines.
• Proven ability to work independently in a matrix organization, tech start-up experience preferred. 
• Ability to maintain resilience throughout aggressive deadlines, changing priorities, and evolving operations, as common to progresive start-up environments.

Perks

• Competitive salary and benefits
• 100% Company-paid Medical, Vision, and Dental insurance plans
• Annual Bonus Plan
• Company 401(K) program with Company match
• Company-paid life insurance
• Company-paid education/training
• Company-paid gym membership
• Shape the landscape of autonomous driving
• Opportunity for professional growth and career advancement 
• Daily breakfast, lunch, and dinner while on-site at one of our office locations

TuSimple is an Equal Opportunity Employer. This company does not discriminate in employment and personnel practices on the basis of race, sex, age, handicap, religion, national origin or any other basis prohibited by applicable law. Hiring, transferring and promotion practices are performed without regard to the above listed items.

#LI-KS1 #TuMP

For immediate consideration please email your resume to: it_infosec__senior_audit_compliance_analyst__442612ae2us@ivy.greenhouse.io