Security Compliance Analyst
$115,000–$125,000 per year
Remote · United States or US
Job Summary
Lead and refine the internal security compliance program, aligning with laws, regulations, and industry best practices. Build and maintain policies, standards, and procedures; conduct internal and external audits (e.g., SOC 2); manage Third Party Risk Management and Security Awareness Training; apply GDPR, HIPAA, PCI DSS, NIST 800-171/CMMC, ISO 27001, SOC2, and FedRAMP controls; collaborate with stakeholders to remediate findings and strengthen compliance posture; stay current on emerging threats and regulatory developments; support cross-functional project implementations in a remote/distributed environment.
Required Qualifications
- Bachelor’s degree or equivalent experience in IT, Information Security, Computer Science, Information Systems Management, Privacy, Law, Compliance, or related field
- Minimum 5 years of experience in privacy, security, or security compliance roles including internal audit
- Strong knowledge of regulatory and compliance frameworks: SOC 2, ISO 27001, GDPR, NIST 800-171/CMMC, FedRAMP, HIPAA, PCI DSS
- Hands-on experience with framework and control mapping and with compliance automation tools (OneTrust Certification Automation, Drata, and others)
- Experience working in remote or distributed environments
- Relevant professional certifications such as CISA, CIPP/US, CIPP/E, CIPM, or CIPT preferred