Information Security Compliance Analyst II

Job Location: Bellevue - USA

Monthly Salary: Not Disclosed

Vacancy: 1 Vacancy
Job Description

Summary / Objective

The Information Security Compliance Analyst will develop and execute a comprehensive security and compliance program. Key responsibilities include planning and conducting security audits, maintaining compliance with various standards and regulations, and managing security operations by monitoring alerts and remediating vulnerabilities. The position also involves preparing for external audits, providing guidance to internal teams, and developing and delivering training on security best practices.

This role reports to Sr. Director Security.

What You'll Do

  • Review, update, and create necessary security policies, procedures, and documentation
  • Design, develop, and maintain controls to ensure ongoing compliance with contractual security requirements, industry standards (ISO, NIST), and regulations
  • Develop and execute internal and external audit programs (e.g. ISO, SOC) to ensure compliance with contractual obligations and user controls, in coordination with third-party auditors and internal teams
  • Utilize audit tools to automate and streamline the audit process, present findings and recommendations to management, and monitor the implementation of corrective actions
  • Support the organization in gaining and maintaining key certifications such as ISO and SOC
  • Continuously monitor and triage security alerts, event notifications, and vulnerabilities to ensure compliance and enhance security posture: developing detection rules, optimizing correlation searches, analyzing alerts, reporting, and coordinating remediation efforts with IT and Development teams. Participate in security incident response activities
  • Provide guidance and support to internal teams on compliance best practices and track the status of all security efforts
  • Evaluate and implement tools to prevent cyber exploits and enforce secure coding practices in collaboration with Operations and Development teams
  • Regularly provide risk assessment reports to management and help drive the remediation of risks and compliance violations
  • Stay current with cybersecurity threats by reviewing threat intelligence feeds and industry publications
  • After-hours and on-call support is required for this role
  • Develop and deliver training programs on security, compliance, and audit procedures
  • Actively models and promotes Identity Digital's core values through day-to-day interactions, behaviors, and decision-making
  • Other duties as assigned

Who You Are / What You Bring

  • 2 years of Information Security experience in an engineering environment
  • A Bachelor's degree in Cybersecurity, Computer Science, or a related field is an asset
  • Relevant industry certifications such as CompTIA Security+, CISA (Certified Information Systems Auditor), CCAK (Certificate of Cloud Auditing Knowledge), or ISO 27001 Lead Implementer/Auditor
  • Works under the direction of a manager or Senior Engineer to help prioritize tasks within a team environment
  • Strong analytical and problem-solving skills with a high level of attention to detail. The ability to spot inconsistencies, gaps, or errors in large volumes of documentation and data
  • Knowledge of cloud environments (AWS, Azure, GCP)
  • Strong grasp of Information Security principles, best practices, and control processes
  • Good understanding of operating systems, containerization (Docker & Kubernetes), web servers, TCP/IP, and network technologies; authentication and security protocols; and coding methodologies
  • Hands-on experience with security monitoring tools such as a SIEM (e.g. Splunk, Exabeam) and EDR (e.g. CrowdStrike, Carbon Black)
  • Working knowledge of vulnerability scanning, anti-virus, IDS/IPS, and other common infosec tool sets is a must
  • Knowledge of common compliance frameworks and regulations (e.g. ISO 27001, SOC 1/2, NIST CSF, CIS controls)
  • Experience conducting or auditing user access reviews within systems like Active Directory and IAM
  • Familiarity with modern AI and machine learning applications in the cybersecurity and audit landscape, including tools for security monitoring, anomaly detection, and compliance automation, is an asset
  • After-hours and on-call support outside business hours will be required
  • Ability to travel as needed
  • Ability to work across time zones as part of a global organization
  • Reliable transportation to the workplace

Physical Requirements

  • Prolonged periods of sitting at a desk and working on a computer
  • Must be able to lift up to 15 pounds at times

Salary Range

The U.S. base salary range for this full-time position is $87,000 - $111,000 (flexibility based on experience) plus benefits as described. In addition, the successful candidate will be eligible to receive other compensation from time to time in the form of discretionary and/or nondiscretionary bonuses and long-term incentive plan. Actual compensation will be influenced by a candidate's qualifications, internal employee equity considerations, and location. We will not ask for information about a candidate's current or past compensation for purposes of developing an offer of employment.

US team members (and their spouses, domestic partners, and/or dependent children) are covered by generously subsidized medical, dental, and vision insurance, which includes company contributions to a Health Savings Account. Team members are also covered by company-paid life and disability insurance and have the option of participating in employee-paid supplemental life, accidental death and dismemberment, critical illness, and accident. In addition, team members can enroll in the company's 401(k) plan with up to a 5% match. You receive 15 days of paid vacation yearly, increasing to 20 days after one year. Additionally, you get 5 days of paid sick leave, 13 paid holidays, and 20 weeks of paid parental leave for birthing parents, 12 weeks for others. Also, there's an opportunity for tuition reimbursement for qualifying expenses.

Note: Benefits programs are subject to eligibility requirements and may vary in certain locations.

A few things to know about us

Identity Digital is an Equal Opportunity Employer and does not discriminate based on race, color, religion, sex, age, national origin, veteran status, marital status, sexual orientation, gender identity, disability, or any other category prohibited by local, state, or federal law. This policy applies to all aspects of employment, including recruitment, placement, promotion, transfer, demotion, compensation, benefits, social and recreational activities, and termination.

Background Check Statement

At the time of an offer, you will be required to complete a background check. Any offer is contingent upon a satisfactory background check.

Sponsorship Statement

Please note that work sponsorship for this position may not be available now or in the future. While we strive to support our candidates, not all roles will qualify. Eligibility will be reviewed on a case-by-case basis.

Accommodation Statement

We are committed to the full inclusion of all qualified individuals. As part of this commitment, Identity Digital will ensure that persons with disabilities are provided reasonable accommodations. If reasonable accommodation is needed to participate in the job application or interview process, please contact our Recruiting Team at


Required Experience: IC

Employment Type: Full Time

Department / Functional Area: Compliance
