Security Risk & Compliance Analyst

Jobgether·Lever
United StatesFull-timePosted Jul 1, 2026
Open original posting

This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a Security Risk & Compliance Analyst based in United States.

Join a collaborative Information Security team where you'll play a key role in strengthening enterprise cybersecurity, governance, and regulatory compliance. In this fully remote position, you'll help identify and manage IT risks, improve security controls, and support compliance initiatives across a growing organization. Working closely with technical and business stakeholders, you'll contribute to audit readiness, vendor risk management, and continuous process improvement. This role is ideal for a detail-oriented cybersecurity professional who enjoys balancing strategic governance with hands-on risk analysis. If you're passionate about building secure, compliant environments while driving meaningful business impact, this is an excellent opportunity to grow your career.

This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a Security Risk & Compliance Analyst based in United States.

Join a collaborative Information Security team where you'll play a key role in strengthening enterprise cybersecurity, governance, and regulatory compliance. In this fully remote position, you'll help identify and manage IT risks, improve security controls, and support compliance initiatives across a growing organization. Working closely with technical and business stakeholders, you'll contribute to audit readiness, vendor risk management, and continuous process improvement. This role is ideal for a detail-oriented cybersecurity professional who enjoys balancing strategic governance with hands-on risk analysis. If you're passionate about building secure, compliant environments while driving meaningful business impact, this is an excellent opportunity to grow your career.

Accountabilities:

    • Conduct IT and cybersecurity risk assessments across systems, applications, and business processes to identify, evaluate, and mitigate security risks.
    • Maintain and enhance the organization's centralized IT risk register while tracking remediation efforts and collaborating with stakeholders to address identified risks.
    • Lead and support audit readiness activities for frameworks and regulatory requirements, including SOC 2, HIPAA, NYDFS, and internal compliance initiatives.
    • Manage security policies by coordinating reviews, monitoring compliance, and recommending updates to strengthen governance practices.
    • Perform third-party vendor security assessments and evaluate external risks associated with business partners and service providers.
    • Develop dashboards, reports, and key risk indicators (KRIs) to provide leadership with actionable visibility into the organization's security posture.
    • Support security awareness programs, compliance training initiatives, and continuous improvement efforts across the business.
    • Requirements

      • 5+ years of experience in information security, cybersecurity governance, IT risk management, audit, or compliance.
      • Strong understanding of cybersecurity principles, security controls, IT infrastructure, and data protection best practices.
      • Experience working with security and compliance frameworks such as NIST, CIS Controls, or ISO 27001.
      • Knowledge of regulatory requirements including HIPAA, NYDFS, CCPA, or similar privacy and compliance standards is highly desirable.
      • Experience with Governance, Risk, and Compliance (GRC) platforms such as OneTrust, LogicGate, ServiceNow GRC, or TeamMate is preferred.
      • Familiarity with third-party risk management tools such as SecurityScorecard or BitSight is an advantage.
      • Proficiency with Microsoft Excel, PowerPoint, SharePoint, Teams, and other collaboration tools.
      • Excellent analytical, organizational, communication, and stakeholder management skills with the ability to manage multiple priorities effectively.
      • Industry certifications such as Security+, CISA, CRISC, or ISO 27001 Foundations are considered a plus.
      • Benefits

        • Competitive annual salary ranging from $120,000 to $140,000, based on experience and qualifications.
        • Performance-based bonus opportunity.
        • Fully remote work environment, with preference for candidates located in the Central or Eastern U.S. time zones.
        • Comprehensive medical, dental, and vision insurance.
        • Life insurance and disability coverage.
        • 401(k) retirement savings plan.
        • Generous paid time off.
        • Opportunity to work with a collaborative Information Security team focused on continuous improvement and professional growth.
How Jobgether works: We use an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements. Our system identifies the top-fitting candidates, and this shortlist is then shared directly with the hiring company. The final decision and next steps (interviews, assessments) are managed by their internal team. We appreciate your interest and wish you the best!  Why Apply Through Jobgether?    Data Privacy Notice: By submitting your application, you acknowledge that Jobgether will process your personal data to evaluate your candidacy and share relevant information with the hiring employer. This processing is based on legitimate interest and pre-contractual measures under applicable data protection laws (including GDPR). You may exercise your rights (access, rectification, erasure, objection) at any time.     #LI-CL1

Want jobs like this matched to you?

Swoopd scores fresh postings against your résumé so you only see the matches that matter.

Get started free