Compliance & Risk Analyst

Seeking a detail-oriented and proactive Compliance & Risk Analyst to support the organization’s security compliance and risk management initiatives. This role will play a key part in maintaining adherence to regulatory frameworks, assisting with security control reviews, coordinating audit activities, and managing risk assessments. The ideal candidate will have experience performing risk assessments, developing and or managing business continuity plans, working with external auditors and frameworks such as SOC 2, PCI DSS, HIPAA, StateRAMP, or FedRAMP. Support the execution of risk assessments and security control reviews across business units and IT environments. Assist in evidence collection and control testing in support of third-party audits and internal assessments. Maintain organized documentation for audit readiness and compliance tracking. Coordinate with internal teams to gather responses to auditor inquiries and remediate identified gaps. Track compliance status, action items, and report progress to management on a regular basis. Help evaluate the effectiveness of technical and administrative security controls. Contribute to the development and maintenance of compliance-related policies, standards, and procedures. Stay informed of changes to relevant regulatory and industry frameworks.