Compliance Analyst

Join us in bringing joy to customer experience. Five9 is a leading provider of cloud contact center software, bringing the power of cloud innovation to customers worldwide.Living our values everyday results in our team-first culture and enables us to innovate, grow, and thrive while enjoying the journey together. We celebrate diversity and foster an inclusive environment, empowering our employees to be their authentic selves.Why Join UsThis is a unique opportunity for a talented compliance professional to step into a high-visibility, hands-on role that blends operational responsibility with strategic influence. You'll be more than a contributor—you'll be a builder, shaping the frameworks and processes that support our global compliance objectives.Whether you're a seasoned analyst ready for a bigger challenge or an emerging leader looking to expand your scope, this role offers the chance to grow with purpose and advance your career in a forward-thinking, high-impact environment.About The RoleWe are seeking a proactive, detail-oriented Compliance Sr Analyst to join our global Governance, Risk & Compliance (GRC) team. You will take ownership of key elements of our Continuous Monitoring (ConMon) program, partner with technical teams to track risks and improve control effectiveness, and maintain the common control framework (CCF) that underpins our security, privacy, and compliance posture.This role is designed for someone who enjoys getting into the details while also thinking strategically about how to optimize compliance processes, scale efficiently, and contribute to audit readiness and regulatory alignment.Key ResponsibilitiesOwn and evolve the enterprise-wide Continuous Monitoring (ConMon) program, ensuring that vulnerabilities are identified, tracked, and remediated, with accurate reporting and documentationConduct recurring control assessments to evaluate the effectiveness of technical, administrative, and operational safeguards, and use results to improve the CCFDevelop and maintain the Common Control Framework (CCF), ensuring alignment across regulatory and certification requirements (e.g., SOC 2, ISO 27001, PCI-DSS, NIST 800-53, DORA, C5)Manage the risk exception and deviation process, including intake, review, documentation, and tracking of compensating controlsFacilitate compliance syncs with internal teams, including Security, Engineering, IT, Legal, and Privacy. Drive action item closure, escalate risks, and promote visibilitySupport audit and assessment readiness by aligning evidence to controls, updating documentation, and coordinating with process owners to demonstrate compliance postureMaintain core compliance documentation, including policies, SOPs, control narratives, risk registers, and corrective action plansAssist in incident response documentation, focusing on compliance impacts, reporting obligations, and post-incident reviewsCollaborate with Security and Engineering to review vulnerability scans and threat intelligence, helping assess risk exposure and prioritize remediationDevelop and manage compliance dashboards, metrics, and POA&M-style tracking to communicate program health and maturityContinuously improve compliance processes, identifying automation opportunities, reducing manual tasks, and evolving the CCF to keep pace with a changing risk landscapeQualifications3+ years of experience in compliance, audit, security assurance, or a related field within a technology or SaaS environmentKnowledge of major regulatory and industry frameworks (e.g., NIST SP 800-53, SOC 2, ISO 27001, PCI-DSS)Experience with vulnerability management, risk assessments, and control testingStrong communication and collaboration skills with the ability to work across business and technical teamsProven ability to manage multiple priorities, with attention to detail and a structured, documentation-driven approachBachelor’s degree in a relevant field or equivalent professional experiencePreferred SkillsFamiliarity with tools like Tenable, Wiz, or other vulnerability scannersExperience with GRC platforms (e.g., OneTrust, Drata, ServiceNow)Certifications such as CISA, CISSP, CRISC, or ISO 27001 Lead Auditor/ImplementerKnowledge of data protection regulations like GDPR, HIPAA, or DORACompany BenefitsCompany stocksAnnual merit increase based on performance15% night shift differential payPaid Leave with Cash ConversionHMO with free dependentsRetirement PlanLife InsuranceWhile on work from home setup: Internet and meal allowance are providedEmployee Assistance Program for mental and social well-beingGovernment-mandated Benefits (SSS, PhilHealth, PagIBIG, 13th month pay, Solo parent leave, Special leave for women)Five9 embraces diversity and is committed to building a team that represents a variety of backgrounds, perspectives, and skills.  The more inclusive we are, the better we are.  Five9 is an equal opportunity employer.View our privacy policy, including our privacy notice to California residents here: https://www.five9.com/pt-pt/legal.Note: Five9 will never request that an applicant send money as a prerequisite for commencing employment with Five9.