Information Security Analyst/Compliance Lead - CONTRACT

Nexus Technologies LLC USA, Remote, US, Remote
Remote

About The Position

A fast-growing healthcare services company is undergoing its first SOC 2 audit and building its information security program from the ground up. The organization operates in a HIPAA-compliant, high-trust environment and is now taking on enterprise clients who require formal compliance credentials. We are placing one Security Analyst / Compliance Lead as a dedicated, embedded resource. This person will function as an extension of the internal team — owning day-to-day security operations and SOC 2 evidence collection. This is a hybrid role, not a senior architect or vCISO seat, and it does not involve facing the auditor directly.

Requirements

  • Hands-on experience with SOC 2 compliance — familiarity with Trust Service Criteria, evidence collection, and control mapping
  • Proficiency with Vanta or a comparable GRC / compliance automation platform
  • Working knowledge of CrowdStrike or comparable EDR platforms for alert triage and basic incident response
  • Understanding of HIPAA compliance requirements and high-trust environments
  • Ability to translate technical security controls into audit-ready documentation
  • Strong organizational skills — able to independently manage a large volume of evidence across multiple control areas
  • Available to start mid-July 2026 and commit through December 31, 2026
  • U.S.-based, available to work fully remote

Nice To Haves

  • Prior experience in a healthcare or health services organization
  • Familiarity with third-party audit firms and evidence submission processes
  • Exposure to additional frameworks such as ISO 27001, NIST RMF, GDPR, or PCI DSS
  • Experience with Azure environments or cloud-hosted infrastructure
  • Background in GRC (Governance, Risk, and Compliance) in addition to hands-on security operations

Responsibilities

  • Upload and manage security policies within a leading compliance automation platform
  • Gather, organize, and upload evidence for SOC 2 controls across the defined audit scope
  • Map evidence to applicable Trust Service Criteria; identify and flag gaps
  • Support remediation efforts and compensating controls as audit findings surface
  • Monitor and triage EDR alerts; perform initial investigations on security incidents
  • Execute incident response procedures in accordance with the client's IR plan
  • Handle ad hoc security and compliance tasks as directed by client leadership
  • Support the team in establishing repeatable security processes as the program matures
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service