We are seeking a highly motivated, detail-oriented, and proactive Senior IT Compliance Analyst to support Yext’s security assurance activities with customers, vendors, and internal teams. This role is responsible for responding to product security-related questions, completing security assessments and audit inquiries, and reviewing security and contract language to ensure compliance with Yext’s standards.

The ideal candidate will collaborate closely with Legal, Sales, and Security teams to ensure accurate, timely, and customer-focused responses while maintaining a strong compliance posture. They will bring deep knowledge of security frameworks, exceptional communication skills, and the ability to partner across business and technical teams to strengthen the organization’s overall security posture.

What You'll Do

Governance

• Contribute to the development and maintenance of IT & Security policies, standards, and controls.
• Support the annual control attestation process and provide the required evidence.
• Measure, track, and report on security metrics and key performance indicators (KPIs).
• Ensure ongoing alignment with regulatory and industry compliance requirements (e.g., SOC 2, HIPAA, GDPR, NIS2).
• Support responses to cyber insurance questionnaires by leveraging existing security controls, certifications, and policies.

Risk & Compliance Management

• Conduct risk assessments across systems, applications, and vendors, documenting and tracking outcomes.
• Collaborate with IT, Legal, and Security teams to design and implement mitigation strategies.
• Maintain a centralized repository of standardized security questionnaire responses and keep them current with implemented controls.
• Manage responses to client questionnaires and third-party audit inquiries with accuracy and professionalism.
• Serve as a key point of contact for clients, auditors, and external stakeholders on security-related matters.
• Prepare and provide audit-ready evidence for internal and external audits (SOC 2, SOX, ISO 27001, etc.).
• Partner with control owners to create and track corrective action plans, ensuring timely remediation.
• Identify and implement process improvements to increase efficiency in audit preparation, risk assessments, and responses.
• Provide actionable recommendations to management on enhancing security and compliance practices.

What You Have

• Bachelor’s degree in Information Security, Cybersecurity, Computer Science, Engineering, or related field; or equivalent experience.
• 5+ years of experience in information security, with a strong focus on audit and compliance management.
• Demonstrated experience conducting risk and compliance assessments.
• Proven success in managing client security questionnaires and third-party audits.
• Familiarity with industry and regulatory compliance frameworks (SOC 2, SOX, ISO 27001, NIST CSF, HIPAA, GDPR).
• Experience with GRC tools and technologies (e.g., OneTrust, SecurityScorecard, Bitsight, Archer, or similar).
• Advanced written and verbal communication skills, with the ability to engage confidently with executives, clients, and auditors.
• Professional certifications such as CISA, CRISC, CISM, CISSP, or CDPSE preferred.

Bonus Points

• Governance & Compliance Expertise – Deep knowledge of regulatory and industry frameworks (SOC 2, SOX, ISO 27001, NIST CSF, HIPAA, GDPR, NIST AI RMF).
• Risk Management – Ability to evaluate risks and support effective remediation strategies.
• Audit & Assessment Skills – Skilled in managing and supporting audits, assessments, and assurance activities.
• Client & Stakeholder Engagement – Strong ability to build trust and deliver timely, accurate responses.
• Communication – Excellent written and verbal skills; able to present technical issues clearly to non-technical audiences and executives.
• Cross-Functional Collaboration – Works effectively across IT, Security, Legal, and business teams.
• Project & Time Management – Strong organizational skills with the ability to balance multiple priorities.
• Continuous Improvement – Identifies opportunities to streamline assurance and compliance processes.
• Technical Acumen – Familiarity with GRC platforms (e.g., OneTrust, SecurityScorecard, Bitsight, Archer) and security tooling.
• Leadership & Influence – Capable of guiding stakeholders and influencing decisions.

Perks and Benefits

At Yext, we take pride in our diverse workforce and prioritize creating an engaged and connected working environment. Our ambitious mission is to transform the enterprise with AI search, and we know that to achieve that, we need a global team of innovators, visionary thought leaders, and enthusiastic collaborators passionate about making a meaningful impact in the world and contributing to an extraordinary culture.

We believe that people do their best when they feel their best — and to feel their best, they must be well-informed, fuelled, and rested. To ensure our employees are at their best, we offer a wide range of benefits and perks, including:

• Performance-Based Compensation: We offer an attractive bonus structure and stock options for eligible positions.
• Comprehensive Leave Package: Our leave package includes Paid Time Off (PTO), Parental Leave, Sick Leave, Casual Leave, Bereavement Leave, National Holidays, and Floating Holidays to ensure a healthy work-life balance.
• Health & Wellness Offerings: We provide medical insurance with 7L coverage, including enhanced parental and outpatient department (OPD) coverage for you, your spouse, two dependent children, and two parents (as applicable and subject to eligibility requirements).
• Relocation Benefits: We offer relocation assistance and an allowance to eligible candidates to help ease your transition.
• World-Class Office & Building Amenities: Our office has a top-notch infrastructure, including gaming rooms, a plush pantry, and breakout areas.

#LI-RK1