Job Description

Our client is looking for a detail-oriented and proactive Senior Security Analyst to support ongoing security initiatives, maintain compliance, and ensure that security policies and standards are followed within a fast-paced, evolving environment. This position is part of the Information Security team and collaborates across business functions to ensure regulatory requirements and organizational compliance standards are met.

Key Responsibilities

• Ensure compliance with applicable regulations and standards, including SOX, SOC 2, CCPA, HIPAA , and other industry-specific frameworks.
• Assist with third-party risk management (TPRM) , assessing, monitoring, and managing vendor risks.
• Perform risk assessments, audits, and compliance reviews to identify potential risks and implement mitigation strategies.
• Map controls across compliance frameworks, translate them into actionable steps, and provide guidance to stakeholders.
• Deliver and enhance security awareness campaigns to maintain understanding of best practices and compliance requirements across the organization.
• Update and maintain the risk register , ensuring it reflects the current risk landscape and supports decision-making.
• Support ongoing maintenance and improvement of GRC solutions , including control testing.
• Collaborate with cross-functional teams to embed risk management practices into operational processes.
• Participate in process reviews, identifying opportunities to improve operational efficiency and compliance effectiveness.
• Stay informed on regulatory changes, industry trends, and best practices to continuously improve security and compliance programs.
• Perform other duties as required to support the Senior Security Analyst role.

Preferred Qualifications

• Minimum of 5 years of GRC experience within a public company.
• In-depth knowledge of regulatory requirements such as SOX, CCPA, HIPAA , and other relevant frameworks.
• Hands-on experience with GRC solutions and third-party risk management programs .
• Strong understanding of IT governance, information security, and data privacy principles .
• Excellent communication, management, and interpersonal skills , with the ability to influence stakeholders at all levels.
• Ability to develop and implement security policies, procedures, and controls .
• Relevant certifications (e.g., CISA, CISM, CISSP, CRISC ) are a plus.
• Additional experience with Identity and Access Management (IAM), Data Classification, and Data Loss Prevention (DLP) is highly desirable.

Minimum Qualifications

• College degree or equivalent.
• 6+ years of related experience.
• Expert technical knowledge and understanding of industry regulations.
• Ability to lead and coordinate team activities.
• Ability to formulate, document, and recommend new policies and procedures.
• Proven ability to work effectively in a team and lead initiatives.

Job Tags

Similar Jobs