Sr. IT Security Compliance Analyst

Date: Apr 3, 2021

Location: San Francisco, US

Company: Dolby Laboratories, Inc.

Join the leader in entertainment innovation and help us design the future. At Dolby, science meets art, and high tech means more than computer code. As a member of the Dolby team, you’ll see and hear the results of your work everywhere, from movie theaters to smartphones. We continue to revolutionize how people create, deliver, and enjoy entertainment worldwide. To do that, we need the absolute best talent. We’re big enough to give you all the resources you need, and small enough so you can make a real difference and earn recognition for your work. We offer a collegial culture, challenging projects, and excellent compensation and benefits.



The IT Security Compliance Analyst will execute IT governance processes and the deployment of process improvement initiatives. This position will leverage best practices to ensure global and cross-functional Governance, Risk Management, and Compliance with applicable regulations and Dolby’s security policies. In addition, the IT Security Compliance Analyst will manage the process of assessing, monitoring, and governing 3rd party risk and compliance with documented security standards as dictated by contractual agreement.



  • Interact with various Business and IT groups to review, assess and monitor compliance with various programs such as SOX, HIPAA, MPAA and others.
  • Work with IT Security GRC (Governance, Risk, and Compliance) Lead on continuous improvement of internal IT Security control framework.
  • Assist in identifying and reporting on risk and compliance issues.
  • Review threats and vulnerabilities and recommend and drive remediation actions.
  • Perform ITGC (Information Technology General Controls) management reviews and update program documents.
  • Provide audit support, and coordinate IT Security activities with internal and external auditors.
  • Operate vendor security controls reviews on existing and prospective vendors.
  • Ensure projects are performing security compliance activities as part of the overall project management lifecycle.
  • Partner with teams across Dolby on continuous improvement of GRC practices.
  • Play a key role in security reporting & metrics, leading to risk reduction, trending, and overall security posture improvements.
  • Leverage existing security standards to measure performance and compliance.  



  • B.S. Degree in Accounting, Finance, Computer Science, or related experience
  • CISSP, CISA or related certification preferred
  • 2-4 years’ experience operating global IT Security governance/compliance programs
  • Excellent communication skills (oral and written)
  • Excellent presentation, project management, problem-solving, and conflict resolution skills
  • Deadline-driven, detail-oriented, focused on efficiencies and process improvement
  • High integrity and business ethics
  • Ability to participate in and facilitate group meetings, including with remote staff
  • Ability to interpret regulations and laws and communicate effectively to all levels of the organization
  • Experience reviewing 3rd party security reports (SSAE16 SOC 1 and 2, penetration testing reports, SIG) against industry security standards (CSA, NIST, ISO, SANS, OWASP) as part of an overall vendor management program
  • Experience with Change and Release Management based on ITIL best practices
  • Experience with controls testing design
  • General knowledge of traditional and SaaS-based ERP systems, databases, operating systems, and networking
  • General knowledge of COBIT, Sarbanes-Oxley, ITIL or other control frameworks
  • Ability to explain technical jargon in simplified terms
  • Ability to work efficiently and independently with minimal supervision (i.e. self-motivated and willing to stretch to meet important deadlines)
  • Ability to work successfully in a matrixed, global organization
  • Technical curiosity and the ability to learn new technologies quickly  


What Sets You Apart:

  • Vendor or supply chain security
  • Project Management Professional (PMP)
  • Familiarity with vulnerability management platforms
  • Familiarity with GRC tools
  • Security or auditing experience with SAP environments preferred
  • Big 4 experience


Dolby will consider qualified applicants with criminal histories in a manner consistent with the requirements of San Francisco Police Code, Article 49, and Administrative Code, Article 12.


Equal Employment Opportunity:
Dolby is proud to be an equal opportunity employer. Our success depends on the combined skills and talents of all our employees. We are committed to making employment decisions without regard to race, religious creed, color, age, sex, sexual orientation, gender identity, national origin, religion, marital status, family status, medical condition, disability, military service, pregnancy, childbirth and related medical conditions or any other classification protected by federal, state, and local laws and ordinances.


