Security Compliance Analyst responsible for ensuring compliance with security regulations and collaborating on security measures across teams.
About the role
- Security Compliance Analyst supporting IT Security compliance and risk management initiatives at Acosta Group. Engaging with cross-functional teams to ensure adherence to regulatory and security frameworks.
Responsibilities
- The Security Compliance Analyst supports the security compliance program, tracking completion and remediation of compliance activities, and documenting compliance program evidence.
- Investigates and determines where threats exist based on input from the Security Operations Center (SOC) team, current policy requirements, and threat hunt information.
- Responsible for company-wide security awareness and education programs that are aligned with security policy, standards, regulatory requirements, and industry practices.
- Assists with vulnerability management reporting including patch management tracking and software code analysis reports.
- Collaborates with team to develop compliance program strategy.
- Evaluates the security of vendors and hosted solutions based on approved Information Security standards.
- Determines risk and potential impact based on emerging security threats.
- Supports the security compliance program, ensuring the identification, tracking, prioritization, and remediation of all internal and external compliance requirements; also supports Internal Audit activities and remediation requirements.
- Ensures adequate and effective IT controls exist to meet applicable current and future security compliance requirements found in laws, regulations, frameworks such as requirements to comply with SOX (Sarbanes-Oxley), SOC II, and state / federal privacy law.
- Supports and updates a centralized repository of security controls aligned with corporate, regulatory, security framework requirements.
- Coordinates the information security compliance efforts of all internal and outsourced functions that have one or more information security-related responsibilities, to ensure that organization-wide information security compliance efforts are consistent.
- Collaborates with share service areas (internal controls, risk management, legal and HR) on the maturation of policies/procedures related to compliance activities.
- Assists with identity management reviews from automated and manual systems.
- Part of rotational on-call support for Tier 2
- Perform other duties as required and/or assigned.
Requirements
- Bachelor’s degree in computer science or related field is required
- 5 or more years of experience in Information Security
- Experience with laws, regulations, frameworks such as requirements to comply with SOX (Sarbanes-Oxley), SOC II, and state / federal privacy law.
- Familiarity with ISO/IEC 27001 standards or experience supporting ISO 27001 compliance activities is a plus
- Proven information security audit experience
- Experience with vulnerability management
- Experience with third-party risk management and enterprise risk assessments
- Experience with security awareness and training functions and tools
- Proven analytical, strategic vision drawing on strong problem-solving abilities.
- Able to prioritize and execute tasks in a high-pressure environment.
- Strong written, oral, and interpersonal communication skills.
- Ability to present ideas in business-friendly and user-friendly language appropriate to both executive and managerial audiences.
- Highly self-motivated and directed.
- Keen attention to detail.
- Skilled in working within a team-oriented, collaborative environment.
Benefits
- We prioritize your growth, development, and well-being to help you reach your full potential.
- With programs designed to support a fulfilling work-life balance, we offer opportunities that fit your lifestyle and ambitions—whether you’re looking for part-time flexibility or full-time career advancement.
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Location requirements
Senior Technical Expert in Cyber Defense Center at ZEISS analyzing global cyber threats. Collaborating with SOC, CIRT, and ensuring proactive defense strategies.
Information Security Analyst focusing on vulnerability research and data analysis at Flexera. Involves analyzing, verifying vulnerabilities, and maintaining high - quality content standards.
Oversee the testing lifecycle and provide cyber security solutions at Xcel Energy. Engage in various testing techniques and collaborate with teams to enhance quality practices.
Security Analyst II role at Deepwatch focusing on incident handling and cybersecurity analysis. Working with a team to improve security posture and customer experience in a hybrid environment.
Information Security Analyst II at West Bend handling security projects and collaboration with IT teams. Supporting security incidents and enhancing organizational information security policies.
Product Security Analyst establishing risk management across CHG Healthcare's multi - brand portfolio. Leading data classification initiatives and reporting on security risks.
Cybersecurity Analyst at Northrop Grumman leading systems accreditation and mentoring junior analysts. Involves development and implementation of Risk Management Framework and information assurance activities.
Sr. Cybersecurity Analyst supporting the full lifecycle of security assessments at Dexcom. Coordinating with internal stakeholders and ensuring comprehensive coverage across assessments.
Information Security Analyst responsible for conducting internal audits and compliance in information technology. Working with audit teams and enhancing compliance frameworks at Ness Digital Engineering.