Join TuSimple and help change the way the world moves.  Together we're making freight transportation safer, more efficient, and more environmentally friendly.


For immediate consideration please email your resume to: it_infosec__senior_audit_compliance_analyst__442612ae2us@ivy.greenhouse.io


Company Overview

Come join a higher calling and find a deeper purpose!   

As a multi-national Artificial Intelligence Technology Company, we are at the epicenter of the Autonomous Vehicle Universe. Our breakthroughs are leading the industry in autonomous trucking.  

While inventing the framework of Autonomous Driving, our current fleet of autonomous trucks is helping communities receive much-needed supplies and medical equipment around the clock. Our people are some of the most talented engineers and contributors who are leaving behind a historic legacy.

TuSimple was founded in 2015 with the goal of bringing the top minds in the world together to achieve the dream of a driverless truck solution. With a foundation in computer vision, algorithms, mapping, and Artificial Intelligence, TuSimple is working to create the first global commercially viable autonomous truck driving platform!

Job Overview

TuSimple’s Audit Compliance Analyst, a member of our Information Security office, will work with stakeholders across the business to design and implement a continuous monitoring program to ensure that we are consistently following operating procedures, which faithfully execute our policies. This position will play a primary role in guiding our business through compliance audits and leading efforts to execute corrective action plans. 

Acting as a champion for Information Security, the Information Security Analyst II is a strong InfoSec advocate and helps promote information security awareness across the organization. The incumbent employs a proactive mindset but is also highly responsive when required to be reactive. They find gaps, solve problems, thrive under pressure, and have an unrelenting drive to achieve and maintain optimal levels of security.

 

Opportunity, Responsibilities, & Mission

  • Research regulations by reviewing regulatory bulletins and other sources of information.
  • Keeps other departments abreast of requirements by researching regulatory and filing information; writing and communicating guidelines
  • Establishes tools and processes for documenting evidence of regular compliance with TuSimple policies and procedures to ensure that our business is continuously performing activities and producing documentation to pass security, privacy (GDPR, CCPA), and other compliance audits
  • Trains other departments in documenting evidence of regular compliance with TuSimple policies and procedures
  • Prepares reports by collecting, analyzing, and summarizing information
  • Maintains rapport with regulatory personnel by arranging continuing contacts; resolving concerns.
  • Maintains professional and technical knowledge by attending educational workshops; reviewing professional publications; establishing personal networks; benchmarking state-of-the-art practices; participating in professional societies
  • Assist in planning and designing the compliance audit strategy and program
  • Work with the key compliance stakeholders to identify and remediate emerging issues and non-compliant issues, updating the audit strategy and program appropriately and in a timely manner
  • Understand company’s compliance policies/procedures and applicable laws/regulations
  • Assist in investigation of suspected or potential non-compliant activity
  • Work with departments within the business to create corrective action plans to address audit findings. 
  • Maintain the strict confidentiality of sensitive information
  • Perform other duties and projects (i.e. SOX reviews) as may be necessary and assigned
  • Assist the organization in developing training programs to ensure adherence with compliance standards.

Experience & Skills - Required

  • Bachelor’s degree 
  • Minimum of 6 years of related working experience
  • Direct experience with SOC2 compliance
  • Direct experience with SOX compliance
  • Direct experience with audits of a publicly traded company a plus
  • Strong working knowledge of SOC2 Type 2 compliance practices
  • Strong working knowledge of SOX compliance practices
  • Strong history of authoring policies and procedures to meet regulatory standards
  • Well-developed skills that enable effective risk and issue detection, assessment and resolution
  • Strong history of conducting routine monitoring and auditing practices to ensure effective adherence to policy and procedures.  
  • Working knowledge of industry standard cybersecurity practices 
  • Proficient in Google Drive and Microsoft Office products. Advanced spreadsheet skills
  • Excellent verbal and written communication and organizational skills
  • Able to multitask, work under pressure in a fast-paced environment, and meet deadlines
  • High level of attention to detail
  • Ability to work independently with limited required direction and guidance
  • CISM, CISA, Security +, or other professional auditing or cybersecurity certifications are desired.  

Behavioral Skills

  • Natural problem solver; analytical and oriented towards diagnosis and remediation.
  • Creative and proactive thinker; can generate endless “what-if” scenarios and anticipate possible issues before they arise.
  • High sense of urgency; self-starter, highly responsive, and able to work and deliver in a fast-paced stream-alignment environment.
  • Driven to learn and a commitment to keeping current with best practices and emerging industry trends in a quickly evolving sector.
  • Intellectually curious with a strong bias to action. Driven to understand and collaborate with multiple stakeholders, able to understand and interpret stakeholder needs, translating needs into clear objectives.
  • Analytical, judgment, persuasion and consensus-building abilities where there are competing interests.
  • Strong interpersonal, oral, and written communication skills. Capable of listening and obtaining clarification, changing approach or method to best fit the situation. Able to effectively partner with cross-functional teams to coordinate activities and accomplish goals.
  • Highly organized with a proven ability to maintain excellent attention to detail and accuracy.
  • Demonstrated experience building and improving processes and promoting quality.
  • Strong organizational skills, ability to coordinate multiple tasks and support projects of varying complexity in parallel within tight deadlines.
  • Proven ability to work independently in a matrix organization, tech start-up experience preferred. 
  • Ability to maintain resilience throughout aggressive deadlines, changing priorities, and evolving operations, as common to progressive start-up environments.

Perks

  • Competitive salary and benefits
  • 100% Company-paid Medical, Vision, and Dental insurance plans
  • Annual Bonus Plan
  • Company 401(K) program with Company match
  • Company-paid life insurance
  • Company-paid education/training
  • Company-paid gym membership
  • Shape the landscape of autonomous driving
  • Opportunity for professional growth and career advancement 
  • Daily breakfast, lunch, and dinner while on-site at one of our office locations

TuSimple is an Equal Opportunity Employer. This company does not discriminate in employment and personnel practices on the basis of race, sex, age, handicap, religion, national origin or any other basis prohibited by applicable law. Hiring, transferring and promotion practices are performed without regard to the above listed items.




Voluntary Self-Identification

For government reporting purposes, we ask candidates to respond to the below self-identification survey. Completion of the form is entirely voluntary. Whatever your decision, it will not be considered in the hiring process or thereafter. Any information that you do provide will be recorded and maintained in a confidential file.

As set forth in TuSimple’s Equal Employment Opportunity policy, we do not discriminate on the basis of any protected group status under any applicable law.


If you believe you belong to any of the categories of protected veterans listed below, please indicate by making the appropriate selection. As a government contractor subject to the Vietnam Era Veterans Readjustment Assistance Act (VEVRAA), we request this information in order to measure the effectiveness of the outreach and positive recruitment efforts we undertake pursuant to VEVRAA. Classification of protected categories is as follows:

A "disabled veteran" is one of the following: a veteran of the U.S. military, ground, naval or air service who is entitled to compensation (or who but for the receipt of military retired pay would be entitled to compensation) under laws administered by the Secretary of Veterans Affairs; or a person who was discharged or released from active duty because of a service-connected disability.

A "recently separated veteran" means any veteran during the three-year period beginning on the date of such veteran's discharge or release from active duty in the U.S. military, ground, naval, or air service.

An "active duty wartime or campaign badge veteran" means a veteran who served on active duty in the U.S. military, ground, naval or air service during a war, or in a campaign or expedition for which a campaign badge has been authorized under the laws administered by the Department of Defense.

An "Armed forces service medal veteran" means a veteran who, while serving on active duty in the U.S. military, ground, naval or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985.


Form CC-305

OMB Control Number 1250-0005

Expires 05/31/2023

Voluntary Self-Identification of Disability

Why are you being asked to complete this form?

We are a federal contractor or subcontractor required by law to provide equal employment opportunity to qualified people with disabilities. We are also required to measure our progress toward having at least 7% of our workforce be individuals with disabilities. To do this, we must ask applicants and employees if they have a disability or have ever had a disability. Because a person may become disabled at any time, we ask all of our employees to update their information at least every five years.

Identifying yourself as an individual with a disability is voluntary, and we hope that you will choose to do so. Your answer will be maintained confidentially and not be seen by selecting officials or anyone else involved in making personnel decisions. Completing the form will not negatively impact you in any way, regardless of whether you have self-identified in the past. For more information about this form or the equal employment obligations of federal contractors under Section 503 of the Rehabilitation Act, visit the U.S. Department of Labor’s Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/ofccp.

How do you know if you have a disability?

You are considered to have a disability if you have a physical or mental impairment or medical condition that substantially limits a major life activity, or if you have a history or record of such an impairment or medical condition.

Disabilities include, but are not limited to:

  • Autism
  • Autoimmune disorder, for example, lupus, fibromyalgia, rheumatoid arthritis, or HIV/AIDS
  • Blind or low vision
  • Cancer
  • Cardiovascular or heart disease
  • Celiac disease
  • Cerebral palsy
  • Deaf or hard of hearing
  • Depression or anxiety
  • Diabetes
  • Epilepsy
  • Gastrointestinal disorders, for example, Crohn's Disease, or irritable bowel syndrome
  • Intellectual disability
  • Missing limbs or partially missing limbs
  • Nervous system condition, for example, migraine headaches, Parkinson’s disease, or Multiple sclerosis (MS)
  • Psychiatric condition, for example, bipolar disorder, schizophrenia, PTSD, or major depression

PUBLIC BURDEN STATEMENT: According to the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless such collection displays a valid OMB control number. This survey should take about 5 minutes to complete.