Source Job

US

  • Conduct IT and cybersecurity risk assessments across systems, applications, and business processes.
  • Lead audit readiness activities for frameworks like SOC 2, HIPAA, and NYDFS.
  • Manage security policies, third-party vendor assessments, and develop risk dashboards.

Cybersecurity, Risk Assessment, Compliance, Stakeholder Management

20 jobs similar to Security Risk & Compliance Analyst

Jobs ranked by similarity.

US

  • Monitor security alerts, vulnerabilities, and incidents across enterprise systems and assist in incident response.
  • Maintain compliance with standards such as NIST CSF, ISO 27001, and SOC 2 through audits and policy development.
  • Conduct security risk assessments, evaluate controls, and track remediation plans.

Mission Critical Group is an end-to-end power solutions and services provider that accelerates time-to-power for mission critical environments. With over 1.5 million square feet of U.S. manufacturing capacity, they support data centers, healthcare, and industrial facilities.

US 4w PTO

  • Collaborate with cross-functional teams to apply cybersecurity best practices across systems, applications, and cloud environments.
  • Lead portions of cybersecurity assessments across the technology stack, identifying vulnerabilities and recommending remediation strategies.
  • Assist in shaping cybersecurity risk management activities, helping prioritize and guide security initiatives to protect critical assets.

Rise8 builds custom, secure software for government organizations, measuring success by impact: lives saved, time returned, and missions advanced. Certified as a Great Place to Work® with 100% of employees saying they love working here, Rise8 offers a culture rooted in kindness, candor, and continuous learning.

US

  • Own and manage the compliance program including SOC 2 and ISO 27001 readiness and audits.
  • Lead risk assessments, control testing, and enterprise risk management processes.
  • Partner with Engineering, Security, Product, Legal, HR, and Operations to embed compliance into business processes.

Calendly is a scheduling platform used by millions to automate meetings and streamline time management. They are a rapidly growing SaaS company fostering a culture of learning and high performance.

LATAM Unlimited PTO

  • Execute SOC 1, SOC 2, SOC 3 examinations and other security audits.
  • Evaluate the design and effectiveness of technology controls and identify findings.
  • Supervise and provide performance management for IT audit staff.

Insight Assurance is a global audit firm on a mission to transform how organizations achieve cybersecurity and compliance. Founded by former Big 4 professionals, the firm is one of the fastest-growing global audit firms with 170+ professionals supporting nearly 2,000 clients.

US Unlimited PTO

  • Serve as a senior security and compliance advisor for clients in finance, VC, PE, and biotech, translating complex requirements into practical action plans.
  • Lead consultative conversations on governance, risk, controls, AI adoption, and audit readiness, delivering clear executive-level recommendations.
  • Build and refine Outpost's service delivery playbooks, templates, and documentation to scale the offering and improve client experience.

Pliancy is fundamentally changing how businesses value technology, specializing in IT support for life sciences, capital management, and startups. With a people-first culture, the company prioritizes curiosity and empathy, investing in long-term employee success.

Canada Europe Unlimited PTO

  • Support active and upcoming audits including ISO 27001, SOC 2, PCI DSS, and HIPAA by coordinating evidence and working with control owners.
  • Conduct risk assessments, update risk registers, track remediation, and perform third-party risk management reviews.
  • Respond to customer and prospect security/compliance questions and improve repeatable processes and evidence quality.

Upsun is the cloud application platform for hybrid teams, enabling developers to build, ship, and scale confidently without managing backend infrastructure. The company has a remote, global workforce and fosters a multicultural, open, and inclusive culture with a focus on open source and innovation.

US UK Global

  • Support the lifecycle management of cybersecurity offerings, including ideation, design, and launch.
  • Partner with leadership to standardize services and create go-to-market sales collateral.
  • Perform competitive analysis and pricing to inform packaging and growth strategies.

Coalfire is on a mission to make the world a safer place by solving clients' hardest cybersecurity challenges. They are a team of thought leaders and consultants headquartered in Chicago with offices across the U.S. and U.K., supporting clients worldwide.

US

  • Develop and maintain the enterprise IT GRC strategy, framework, and roadmap, presenting updates to executive leadership.
  • Lead enterprise IT risk assessments, maintain risk registers, and oversee remediation efforts.
  • Ensure compliance with regulations like NIST, ISO 27001, SOC, PCI-DSS, HIPAA, GDPR, and SOX.

Mission Critical Group is an end-to-end power solutions and services provider that accelerates time-to-power for mission critical environments. With over 1.5 million square feet of U.S. manufacturing capacity, the company supports data centers, healthcare, and industrial facilities where uptime is non-negotiable.

Europe 5w PTO

  • Own and drive the compliance roadmap across multiple frameworks like ISO 27001, TISAX, SOC 2, and GDPR.
  • Implement ISO 27001 and adjacent frameworks end-to-end for customers, ensuring successful audits.
  • Mentor the compliance team, conduct internal audits, and act as the senior compliance voice for customers, auditors, and product.

Secfix automates security compliance for companies, helping them achieve ISO 27001, GDPR, TISAX, and SOC 2 quickly. They are a high-performing 100% remote team with hubs in Germany and the UK, backed by top VCs.

US

  • Maintain Risk Management Framework artifacts for DevSecOps pipeline inheritance of NIST SP 800-53 controls.
  • Complete and validate STIG/SRG checklists quarterly and provide monthly application STIG status reports.
  • Evaluate program risks, document mitigation strategies, and recommend courses of action to ensure continuous ATO compliance.

DecisionPoint is a company providing cloud services and DevSecOps solutions, supporting ARTRANS AWS environments. It is a regular full-time employer fostering a culture of security and compliance, with an active Secret clearance required for this role.

US

  • Lead secure Google Cloud architecture design and reviews across IAM, networking, workload protection, and compliance.
  • Advise enterprise customers on GCP security strategy aligned to business risk and regulatory requirements.
  • Develop executive-ready findings, prioritized remediation roadmaps, and maturity-based security improvement plans.

Coalfire helps clients solve cybersecurity challenges through advisory, assessment, automation, and cloud security services. With offices across the US and UK, the company employs a team of thought leaders and consultants who are passionate problem-solvers.

US Unlimited PTO

  • Serve as a trusted advisor to clients, defining and advancing cybersecurity strategy over multi-year engagements.
  • Develop prioritized security roadmaps and advise on governance, risk, and compliance frameworks.
  • Translate technical risk into business language for executives and boards, owning the advisory relationship.

Apollo Information Systems is a cybersecurity services company delivering comprehensive security and compliance programs, pioneering a cybersecurity-as-a-service model. Backed by Series A funding, it fosters a collaborative, mission-driven culture with deep expertise, and primarily works remotely with a hub in Denver.

US

  • Manage security compliance programs against frameworks like PCI-DSS, NIST, and SOC 1/2, leveraging automation tools for continuous assessment.
  • Oversee identity and access management, including automated provisioning audits and anomaly detection.
  • Collaborate with engineering, DevOps, and product teams to integrate compliance into CI/CD and cloud infrastructure.

Prosper is a FinTech company focused on improving financial well-being. It is a growing company with a collaborative culture and offers resources for professional growth and holistic well-being.

US

  • Act as a subject matter expert and trusted advisor for cybersecurity solutions, driving revenue growth across services and products.
  • Partner with account managers and sales directors to drive pipeline, opportunity qualification, and deal progression within key accounts.
  • Present and articulate cybersecurity value propositions to executive stakeholders including CIO, CISO, and CFO.

New Era Technology provides end-to-end technology solutions to securely connect people, places, and information. With a global team of over 3,000 professionals, they prioritize a people-first culture, continuous learning, and collaboration.

Canada

  • Execute Risk & Compliance initiatives, manage privacy and security projects, and ensure alignment with organizational goals.
  • Identify and mitigate operational, IT, and data privacy risks by partnering with cross-functional teams.
  • Build and improve compliance frameworks, policies, and procedures aligned with regulations like PIPEDA, COPPA, and GDPR.

BIS Safety Software is a SaaS company that helps organizations manage safety, learning, and compliance through innovative software solutions. Founded in 2006, the company is headquartered in Sherwood Park, Alberta, and offers an Employee Stock Ownership Plan (ESOP) with a culture emphasizing humility and contribution over hierarchy.

Eastern US

  • Focus on developing and delivering compliance solutions and strategies for Commercial, Defense Industrial Base, and State/Local customers.
  • Conduct compliance audits, assessments, and gap analyses to identify areas for improvement.
  • Author policies, plans, and procedures in CJIS and FedRAMP environments while serving as a trusted advisor to customers.

Planet Technologies is the leading provider of Microsoft consulting services to public sector and commercial organizations, specializing in building custom solutions that transform business operations. They are a growing team with collaborative peers and caring leaders, focused on high-profile client projects.

US Unlimited PTO

  • Manage and support compliance certifications including SOC 2, HITRUST, and ISO 27001 audits across the audit lifecycle.
  • Serve as the subject matter expert across the company on compliance frameworks and primary point of contact for external auditors.
  • Maintain the risk register, drive risk identification and reporting, and scale GRC function with AI and automation.

Garner transforms the healthcare economy by partnering with employers to redesign healthcare benefits using data-driven insights. It is a fast-growing healthcare technology company with a mission-driven team focused on making healthcare more affordable and high-quality.

US Unlimited PTO

  • Configure, deploy, and maintain security tools across cloud-native environments.
  • Integrate security tooling into existing software development and deployment workflows.
  • Partner with engineering teams to implement security best practices throughout the software development lifecycle.

Sphinx builds modern, scalable software to solve complex national security problems in Space. Founded by engineers and technologists with deep experience across commercial and defense technology, they emphasize collaboration, transparency, and individual responsibility in a growing team.

US

  • Drive customer adoption and expansion of the Tines platform across technical teams.
  • Partner with Sales, Support, and Product to ensure customer success and renewals.
  • Identify automation opportunities and foster champions within customer organizations.

Tines is an intelligent workflow platform that applies AI and automation to drive real business results. Founded in 2018 with co-headquarters in Dublin and Boston, the company serves customers from startups to public companies and values Simplicity, Speed, and Soundness.

US

  • Serve as senior cybersecurity authority advising on complex authorization scenarios and ensuring compliance with federal policy.
  • Lead the AI and automation workstream, identifying high-value use cases and piloting process improvements.
  • Mentor junior team members and coordinate with cross-functional teams to integrate AI and automation into workflows.

Kentro is a technology solutions company that supports federal missions with innovative IT services. The company holds ISO certifications and CMMI ratings, provides competitive benefits, and invests in professional development.