Security & Compliance Analyst

May 22, 2026
Application ends: August 20, 2026

Job Description

REQUIREMENTS

  • 3 to 5 years of experience in GRC, security compliance, or information security
  • Hands-on experience with Vanta (or a comparable platform like Drata or Tugboat Logic), including keeping automated evidence collection running and troubleshooting when things break
  • Direct experience with a SOC 2 Type II audit lifecycle, from readiness all the way through report issuance
  • Working knowledge of NIST CSF 2.0 and the ability to map controls across multiple frameworks
  • Enough cloud infrastructure knowledge to have a real conversation with an engineer about control implementation (you don’t need to build it, just understand it)
  • Strong analytical skills, with the ability to take raw vulnerability data and turn it into something a non-technical leader can understand and act on
  • A continuous growth mindset, with a focus on learning, embracing challenges, and continuously improving
  • A knack for creativity and innovation, bringing fresh ideas to the table and solving complex problems

RESPONSIBILITIES

  • Administer our client’s Vanta Professional instance, maintaining automated test coverage, resolving broken integrations, and keeping the compliance dashboard accurate and up to date
  • Own our NIST CSF 2.0 and SOC 2 Type II framework alignment, mapping controls efficiently across both frameworks and closing gaps as they surface
  • Identify and route compliance gaps, triaging remediation tasks to the right owners and tracking through to resolution
  • Maintain evidence libraries and audit trails required for SOC 2 Type II readiness and annual audits
  • Prepare risk reporting for the Enterprise Risk Committee, translating technical vulnerabilities and control gaps into clear, prioritized business risk language
  • Own the risk register, supporting risk scoring, trending, and remediation tracking alongside the Security & Compliance Lead
  • Conduct vendor security assessments and maintain the third-party risk inventory
  • Own the intake and response process for inbound security questionnaires from customers and partners
  • Act as the cross-functional liaison between Security & Compliance and engineering, IT, and business teams on compliance obligations and remediation timelines
  • Support security awareness initiatives, user access reviews, and ongoing compliance program activities
