Security Analyst - IT Compliance

Remote Full-time
About the position Job Responsibilities: IT/ISO Risk Management • Maintain and execute risk management processes that align with ISO, NIST, and regulatory standards. • Enforce and evaluate system access controls to ensure alignment with internal policies. • Support security planning, assessments, gap analysis, and compliance activities. • Analyze business processes for security alignment and identify control weaknesses. • Escalate and report on residual risk, vulnerabilities, and non compliance trends. Risk Register Management • Own the IT/ISO risk register, ensuring risks are captured, assessed, updated, and communicated. • Partner with IT and ISO process leaders to continually evaluate risk impact and mitigation progress. Compliance & Audit Support • Coordinate internal and external audits (ISO, NIST, SOC2, SOX, etc.). • Prepare evidence, respond to audit requests, and track findings through remediation. • Monitor compliance with IT/ISO policies, documenting deviations and improvement opportunities. Remediation Oversight • Work with application owners, infrastructure teams, and other technical SMEs to design and track remediation plans. • Ensure remediation timelines are met and resolutions are complete, accurate, and aligned with control intent. • Provide progress reporting to management and leadership. Collaboration & Communication • Partner across IT, security, and business teams to drive visibility and accountability around risk and compliance. • Lead periodic discussions with stakeholders to promote a consistent risk management culture. Training & Awareness • Provide training and support to teams on IT/ISO compliance processes. • Serve as a point of contact for compliance and audit related inquiries. Day to Day Duties • Perform ITGC testing, evidence review, and control validation for SOX/SOC2 readiness. • Review and update risk register entries, ensuring accuracy and timely progress updates. • Investigate compliance issues, perform root cause analysis, and document findings. • Support access control reviews and ensure entitlement processes align with policy. • Collaborate with auditors, gather evidence, and document remediation activities. • Draft or update security policies, standards, and procedures. • Monitor compliance dashboards, generate weekly/monthly reporting, and communicate status to leadership. • Participate in cross functional meetings with process owners and contribute to risk reduction strategies. • Respond to security incidents or alerts when they intersect with compliance and risk. Responsibilities • Maintain and execute risk management processes that align with ISO, NIST, and regulatory standards. • Enforce and evaluate system access controls to ensure alignment with internal policies. • Support security planning, assessments, gap analysis, and compliance activities. • Analyze business processes for security alignment and identify control weaknesses. • Escalate and report on residual risk, vulnerabilities, and non compliance trends. • Own the IT/ISO risk register, ensuring risks are captured, assessed, updated, and communicated. • Partner with IT and ISO process leaders to continually evaluate risk impact and mitigation progress. • Coordinate internal and external audits (ISO, NIST, SOC2, SOX, etc.). • Prepare evidence, respond to audit requests, and track findings through remediation. • Monitor compliance with IT/ISO policies, documenting deviations and improvement opportunities. • Work with application owners, infrastructure teams, and other technical SMEs to design and track remediation plans. • Ensure remediation timelines are met and resolutions are complete, accurate, and aligned with control intent. • Provide progress reporting to management and leadership. • Partner across IT, security, and business teams to drive visibility and accountability around risk and compliance. • Lead periodic discussions with stakeholders to promote a consistent risk management culture. • Provide training and support to teams on IT/ISO compliance processes. • Serve as a point of contact for compliance and audit related inquiries. • Perform ITGC testing, evidence review, and control validation for SOX/SOC2 readiness. • Review and update risk register entries, ensuring accuracy and timely progress updates. • Investigate compliance issues, perform root cause analysis, and document findings. • Support access control reviews and ensure entitlement processes align with policy. • Collaborate with auditors, gather evidence, and document remediation activities. • Draft or update security policies, standards, and procedures. • Monitor compliance dashboards, generate weekly/monthly reporting, and communicate status to leadership. • Participate in cross functional meetings with process owners and contribute to risk reduction strategies. • Respond to security incidents or alerts when they intersect with compliance and risk. Benefits • Medical, dental & vision • Critical Illness, Accident, and Hospital • 401(k) Retirement Plan – Pre-tax and Roth post-tax contributions available • Life Insurance (Voluntary Life & AD&D for the employee and dependents) • Short and long-term disability • Health Spending Account (HSA) • Transportation benefits • Employee Assistance Program • Time Off/Leave (PTO, Vacation or Sick Leave)

Apply Now
Apply Now →

Similar Jobs

Experienced Registered Behavior Technician for In-Home ABA Therapy - Atlanta, GA

Remote

Immediate Hiring: Experienced Registered Behavioral Technician (RBT) for Clinic-Based ABA Therapy Services

Remote

Experienced Registered Behavioral Technician (RBT) - ABA Therapy for Children with Autism Spectrum Disorder

Remote

Experienced Registered Nurse - Telehealth: Providing Remote Care Coordination and Patient Support

Remote

Experienced Substitute Teacher for Riverside County Schools - Join Scoot Education's Innovative Team

Remote

Experienced Substitute Teacher for San Bernardino County - Flexible Schedules & Competitive Pay

Remote

Experienced School Year Instructional Coach for High-Dosage Tutoring Programs in Edgewater Park, NJ

Remote

Experienced School Year Tutor for K-8 Students in Math and Literacy - Mickleton, NJ

Remote

Experienced Secondary Social Studies Teacher for Kansas - Flexible Hybrid Remote Arrangement

Remote

USPS Office Helper

Remote

[Remote-Position] Online Data Typist - VacancyGlobal

Remote

Experienced Remote Data Entry Specialist – Entry-Level Full-Time Opportunity for Career Growth and Development in the United States

Remote

Software Engineer -- Night Shift (Remote)

Remote

Instructional Design Manager job at Georgia's Own Credit Union in Atlanta, GA

Remote

Thoracic Surgeon in Bozeman, MT

Remote

**Experienced Part-time Data Entry Associate – Remote Work Opportunity with arenaflex**

Remote

Pharmacy Technician - Work From Home (Chandler, AZ)

Remote

Staff Technical Program Manager, Ads

Remote

Mail Distribution Specialist

Remote

Sr. Business Process Consultant, Enterprise Architecture Workflow Products Exper

Remote
← Back