Security Compliance Analyst Job Description Template

Our company is looking for a Security Compliance Analyst to enhance our security team. This role will monitor, manage, and close existing compliance issues while analyzing internal systems for compliance with security standards. Toward this end, they will work with IT support staff who perform vulnerability assessments and develop mitigation strategies to ensure compliance with current procedures and policies across the organization. 

Typical Duties and Responsibilities

  • Analyze technical controls to ensure that security and compliance requirements are met
  • Verify documented processes, procedures, and standards to validate maintenance of secure configurations
  • Track enterprise compliance across multiple security frameworks and maintain records of requirements and mitigating controls
  • Oversee the development, documentation and maintenance of the control framework
  • Evaluate organization information systems, management procedures, and security controls
  • Develop performance metrics to track compliance
  • Assist in performing internal risk assessments
  • Assist in the development of security and privacy awareness training
  • Collaborate on IT projects to ensure that risk issues and security policy are addressed throughout the project life cycle
  • Serve as a liaison between IT and internal auditing teams 

Education

  • Bachelor’s degree in computer science, business, or a related field

Required Skills and Experience

  • 5+ years of experience conducting security control assessments or audits
  • 2+ years of experience developing or managing a security awareness program
  • Knowledge of information security standards and information privacy laws
  • Knowledge of core security controls and systems such as risk analysis quantification and points of escalation
  • Knowledge of IT security regulations and standards, such as ISO and Sarbanes-Oxley
  • Knowledge of cloud technologies and IaaS, PaaS, and SaaS platforms
  • Demonstrated ability to implement new policies and programs
  • Strong written and verbal communication skills
  • Strong analytical and critical thinking skills

Preferred Qualifications

  • Professional certification, such as CISA, CISM, CRISC, CISSP, or ISSAP