Senior IT Compliance Analyst

Yext (NYSE: YEXT) is the leading brand visibility platform, built for a world where discovery and engagement happen everywhere — across AI search, traditional search, social media, websites, and direct communications. Powered by over 2 billion trusted data points and a suite of integrated products, Yext provides brands the clarity, control, and confidence to perform across digital channels. From real-time insights to AI-driven recommendations and execution at scale, Yext turns a brand's digital presence into a competitive advantage, which is only possible through our team of innovators and enthusiastic collaborators. Join us and experience firsthand why we are consistently recognized as a ‘Best Place to Work’ globally by industry leaders such as Built In, Fortune, and Great Place To Work®!

We are seeking a highly motivated, detail-oriented, and proactive Senior IT Compliance Analyst to support Yext’s security assurance activities with customers, vendors, and internal teams. This role is responsible for responding to product security-related questions, completing security assessments and audit inquiries, and reviewing security and contract language to ensure compliance with Yext’s standards.

The ideal candidate will collaborate closely with Legal, Sales, and Security teams to ensure accurate, timely, and customer-focused responses while maintaining a strong compliance posture. They will bring deep knowledge of security frameworks, exceptional communication skills, and the ability to partner across business and technical teams to strengthen the organization’s overall security posture.

What You'll Do

Governance

• Contribute to the development and maintenance of IT & Security policies, standards, and controls.

• Support the annual control attestation process and provide the required evidence.

• Measure, track, and report on security metrics and key performance indicators (KPIs).

• Ensure ongoing alignment with regulatory and industry compliance requirements (e.g., SOC 2, HIPAA, GDPR, NIS2).

• Support responses to cyber insurance questionnaires by leveraging existing security controls, certifications, and policies.

Risk & Compliance Management

• Conduct risk assessments across systems, applications, and vendors, documenting and tracking outcomes.

• Collaborate with IT, Legal, and Security teams to design and implement mitigation strategies.

• Maintain a centralized repository of standardized security questionnaire responses and keep them current with implemented controls.

• Manage responses to client questionnaires and third-party audit inquiries with accuracy and professionalism.

• Serve as a key point of contact for clients, auditors, and external stakeholders on security-related matters.

• Prepare and provide audit-ready evidence for internal and external audits (SOC 2, SOX, ISO 27001, etc.).

• Partner with control owners to create and track corrective action plans, ensuring timely remediation.

• Identify and implement process improvements to increase efficiency in audit preparation, risk assessments, and responses.

• Provide actionable recommendations to management on enhancing security and compliance practices.

What You Have

• Bachelor’s degree in Information Security, Cybersecurity, Computer Science, Engineering, or related field; or equivalent experience.

• 5+ years of experience in information security, with a strong focus on audit and compliance management.

• Demonstrated experience conducting risk and compliance assessments.

• Proven success in managing client security questionnaires and third-party audits.

• Familiarity with industry and regulatory compliance frameworks (SOC 2, SOX, ISO 27001, NIST CSF, HIPAA, GDPR).

• Experience with GRC tools and technologies (e.g., OneTrust, SecurityScorecard, Bitsight, Archer, or similar).

• Advanced written and verbal communication skills, with the ability to engage confidently with executives, clients, and auditors.

• Professional certifications such as CISA, CRISC, CISM, CISSP, or CDPSE preferred.

Bonus Points

• Governance & Compliance Expertise – Deep knowledge of regulatory and industry frameworks (SOC 2, SOX, ISO 27001, NIST CSF, HIPAA, GDPR, NIST AI RMF).

• Risk Management – Ability to evaluate risks and support effective remediation strategies.

• Audit & Assessment Skills – Skilled in managing and supporting audits, assessments, and assurance activities.

• Client & Stakeholder Engagement – Strong ability to build trust and deliver timely, accurate responses.

• Communication – Excellent written and verbal skills; able to present technical issues clearly to non-technical audiences and executives.

• Cross-Functional Collaboration – Works effectively across IT, Security, Legal, and business teams.

• Project & Time Management – Strong organizational skills with the ability to balance multiple priorities.

• Continuous Improvement – Identifies opportunities to streamline assurance and compliance processes.

• Technical Acumen – Familiarity with GRC platforms (e.g., OneTrust, SecurityScorecard, Bitsight, Archer) and security tooling.

• Leadership & Influence – Capable of guiding stakeholders and influencing decisions.

Perks and Benefits

At Yext, we take pride in our diverse workforce and prioritize creating an engaged and connected working environment. Our ambitious mission is to transform the enterprise with AI search, and we know that to achieve that, we need a global team of innovators, visionary thought leaders, and enthusiastic collaborators passionate about making a meaningful impact in the world and contributing to an extraordinary culture.

We believe that people do their best when they feel their best — and to feel their best, they must be well-informed, fuelled, and rested. To ensure our employees are at their best, we offer a wide range of benefits and perks, including:

• Performance-Based Compensation: We offer an attractive bonus structure and stock options for eligible positions.

• Comprehensive Leave Package: Our leave package includes Paid Time Off (PTO), Parental Leave, Sick Leave, Casual Leave, Bereavement Leave, National Holidays, and Floating Holidays to ensure a healthy work-life balance.

• Health & Wellness Offerings: We provide medical insurance with 7L coverage, including enhanced parental and outpatient department (OPD) coverage for you, your spouse, two dependent children, and two parents (as applicable and subject to eligibility requirements).

• Relocation Benefits: We offer relocation assistance and an allowance to eligible candidates to help ease your transition.

• World-Class Office & Building Amenities: Our office has a top-notch infrastructure, including gaming rooms, a plush pantry, and breakout areas.

#LI-RK1

Yext is an equal opportunity employer committed to building a results-driven, engaging culture where every employee has the opportunity to contribute to the success of the Company, perform at the highest possible level, and grow their skills and capabilities. Yext welcomes employees and applicants of all backgrounds and demographics, and does not engage in discrimination on the basis of any protected characteristic recognized under applicable law. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. The Company believes a broad variety of life experiences across the Yext team is critical to its mission to help every business in the world be visible everywhere customers search. By seeking out fresh perspectives and fostering a positive interview experience and employee experience, Yext can remain at the forefront of innovation, and better serve its customers.

It is Yext’s policy to provide reasonable accommodations to people with disabilities as required by applicable law. If you have a disability that requires an accommodation in completing this application, interviewing, or participating in the employee selection process, please complete this form.

Security Alert

All legitimate Yext communications come from @yext.com email addresses. Messages from other domains (for example, @yext.team) are not authorized and are likely fraudulent. If you receive a message that seems suspicious, do not share personal information, click on links, or provide payment. Instead, please report the communication to [email protected].