Security Risk & Compliance Analyst

Jobgether • United States
Remote
AI Summary

Join a collaborative Information Security team to strengthen enterprise cybersecurity, governance, and regulatory compliance. Conduct IT and cybersecurity risk assessments, manage the centralized risk register, and lead audit readiness for frameworks like SOC 2, HIPAA, and NYDFS. Maintain security policies, perform vendor risk assessments, and develop dashboards to provide leadership with actionable security insights.

Key Highlights

  • Identify and mitigate IT and cybersecurity risks across systems and business processes
  • Lead audit readiness for SOC 2, HIPAA, NYDFS, and other regulatory frameworks
  • Manage third-party vendor security assessments and external risk evaluations
  • Develop dashboards and reports for executive visibility into security posture
  • Support security awareness programs and continuous compliance improvement

Technical Skills Required

  • Risk assessment
  • Audit readiness
  • Vendor risk management
  • Security policy management
  • Data protection

Benefits & Perks

  • Competitive annual salary ranging from $120,000 to $140,000
  • Performance-based bonus opportunity
  • Fully remote work environment
  • Comprehensive medical, dental, and vision insurance
  • Life insurance and disability coverage
  • 401(k) retirement savings plan
  • Generous paid time off

Nice to Have

  • Industry certifications such as Security+, CISA, CRISC, or ISO 27001 Foundations

Job Description


This position is listed on behalf of a partner company, which manages all applications and next steps. Our partner is looking for a Security Risk & Compliance Analyst based in the United States.

Join a collaborative Information Security team where you'll play a key role in strengthening enterprise cybersecurity, governance, and regulatory compliance. In this fully remote position, you'll help identify and manage IT risks, improve security controls, and support compliance initiatives across a growing organization. Working closely with technical and business stakeholders, you'll contribute to audit readiness, vendor risk management, and continuous process improvement. This role is ideal for a detail-oriented cybersecurity professional who enjoys balancing strategic governance with hands-on risk analysis. If you're passionate about building secure, compliant environments while driving meaningful business impact, this is an excellent opportunity to grow your career.

Accountabilities

  • Conduct IT and cybersecurity risk assessments across systems, applications, and business processes to identify, evaluate, and mitigate security risks.
  • Maintain and enhance the organization's centralized IT risk register while tracking remediation efforts and collaborating with stakeholders to address identified risks.
  • Lead and support audit readiness activities for frameworks and regulatory requirements, including SOC 2, HIPAA, NYDFS, and internal compliance initiatives.
  • Manage security policies by coordinating reviews, monitoring compliance, and recommending updates to strengthen governance practices.
  • Perform third-party vendor security assessments and evaluate external risks associated with business partners and service providers.
  • Develop dashboards, reports, and key risk indicators (KRIs) to provide leadership with actionable visibility into the organization's security posture.
  • Support security awareness programs, compliance training initiatives, and continuous improvement efforts across the business.

Requirements

  • 5+ years of experience in information security, cybersecurity governance, IT risk management, audit, or compliance.
  • Strong understanding of cybersecurity principles, security controls, IT infrastructure, and data protection best practices.
  • Experience working with security and compliance frameworks such as NIST, CIS Controls, or ISO 27001.
  • Knowledge of regulatory requirements including HIPAA, NYDFS, CCPA, or similar privacy and compliance standards is highly desirable.
  • Experience with Governance, Risk, and Compliance (GRC) platforms such as OneTrust, LogicGate, ServiceNow GRC, or TeamMate is preferred.
  • Familiarity with third-party risk management tools such as SecurityScorecard or BitSight is an advantage.
  • Proficiency with Microsoft Excel, PowerPoint, SharePoint, Teams, and other collaboration tools.
  • Excellent analytical, organizational, communication, and stakeholder management skills with the ability to manage multiple priorities effectively.
  • Industry certifications such as Security+, CISA, CRISC, or ISO 27001 Foundations are considered a plus.

Benefits

  • Competitive annual salary ranging from $120,000 to $140,000, based on experience and qualifications.
  • Performance-based bonus opportunity.
  • Fully remote work environment, with preference for candidates located in the Central or Eastern U.S. time zones.
  • Comprehensive medical, dental, and vision insurance.
  • Life insurance and disability coverage.
  • 401(k) retirement savings plan.
  • Generous paid time off.
  • Opportunity to work with a collaborative Information Security team focused on continuous improvement and professional growth.

How Jobgether Works

We use an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements. Our system identifies the top-fitting candidates, and this shortlist is then shared directly with the hiring company. The final decision and next steps (interviews, assessments) are managed by their internal team.

We appreciate your interest and wish you the best!

Why Apply Through Jobgether?

Data Privacy Notice: By submitting your application, you acknowledge that Jobgether will process your personal data to evaluate your candidacy and share relevant information with the hiring employer. This processing is based on legitimate interest and pre-contractual measures under applicable data protection laws (including GDPR). You may exercise your rights (access, rectification, erasure, objection) at any time.

We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses and identifying potential inconsistencies or verification signals in application materials based on available information. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

