Associate Lead, Regulatory Security Analyst

About The Position

Requirements

• 6+ years of experience in cybersecurity governance, regulatory compliance, risk management, or related security oversight roles
• Experience supporting structured regulatory frameworks or government oversight programs
• Strong understanding of identity governance, role-based access controls, least privilege principles, and vendor risk oversight
• Experience managing regulatory reporting timelines and structured compliance documentation
• Experience managing annex-style documentation frameworks or formal regulatory filings
• Demonstrated ability to coordinate audits, assessments, and regulator-facing engagements
• ​​Experience leveraging or building AI-enabled tools to enhance GRC processes, including developing AI assistants or automation workflows to improve regulatory monitoring, documentation, and control oversight.
• Strong written communication skills with the ability to draft clear, defensible regulatory communications
• Experience working cross-functionally with Legal, HR, Engineering, and Executive stakeholders
• Strong program management and organizational skills with attention to detail
• Ability to operate independently in a high-accountability environment
• Familiarity with NIST or ISO aligned cybersecurity control framework

Nice To Haves

• Advanced degree or relevant certifications (CISSP, CISM, CRISC, etc.)

Responsibilities

• Lead oversight of compliance with U.S. foreign investment and privacy regulations, advising internal teams and ensuring regulatory requirements are implemented consistently and effectively
• Monitor adherence to the NSA Cybersecurity Plan, privacy and related regulatory requirements, ensuring controls operate as designed and deviations are promptly addressed
• Oversee regulator-facing communications and required notifications, including non-objection submissions, storage and vendor updates, incident reporting within defined timelines, and annual compliance reporting
• Maintain and manage security compliance documentation, ensuring updates are accurate, timely, and regulator-ready
• Track and monitor role-based access controls for sensitive data, including onboarding/offboarding processes, privilege drift reviews, and third-party access
• Oversee security compliance training for relevant personnel
• Coordinate and support third-party assessments, regulatory reviews, and audit activities
• Maintain structured documentation and evidence repositories to ensure audit readiness at all times
• Identify gaps or process improvements and drive enhancements to strengthen governance and monitoring mechanisms
• Partner with IT and Engineering to ensure monitoring, logging, and segregation controls align with regulatory expectations

Benefits

• employees may be eligible for equity, bonuses, and a comprehensive benefits package, including healthcare benefits, retirement benefits, pet insurance, paid holidays, paid Scopely free days, and unlimited paid time off.