Security and Compliance Analyst

About The Position

Requirements

• 2+ years of experience in security operations or relevant industry experience, and/or relevant certifications (e.g., Security+, CySA+, CISA, ISO 27001).
• Knowledge of security controls, safeguards, and industry frameworks (e.g., NIST, ISO, SOC).
• General technical knowledge of desktop, network and server environments.
• Competence with identity and access management, privileged access oversight, and log analysis.
• Familiarity with enterprise security tools (EDR, IAM, vulnerability management platforms).
• Strong documentation, communication, and analytical skills.

Responsibilities

• Monitor security alerts and telemetry; perform triage and document event closure.
• Maintain and refine security alerting rules, escalation processes, and response playbooks.
• Review privileged access and activity; prepare periodic oversight reports.
• Assist with incident response, including evidence collection and remediation tracking.
• Execute vulnerability scans and validate remediation activities through technical verification.
• Partner with IT teams to drive timely, risk-based remediation.
• Maintain and report on exposure metrics, remediation aging, and risk prioritization.
• Maintain the Security Risk Registry, ensuring accurate scoring, control mapping, and exception documentation.
• Update policies, standards, and procedures to reflect current technical and operational practices.
• Maintain mapped controls and supporting documentation aligned to industry frameworks.
• Deliver or support delivery of security awareness and targeted training.
• Coordinate intake, tracking, drafting, and evidence collection for internal and external audits.
• Maintain a current library of standardized audit responses and supporting evidence.
• Convert audit findings into documented and verified control improvements.
• Conduct vendor security assessments and review, track and validate closure of supporting technical evidence.
• Maintain vendor risk metrics and coordinate with procurement and business stakeholders.
• Support planning, testing, and documentation related to business continuity and disaster recovery.
• Maintain assigned inventories supporting resiliency initiatives.
• Produce regular metrics covering audit status, evidence completeness, remediation progress, and risk indicators.
• Maintain up-to-date runbooks, checklists, and process documentation.
• Implement small scale automation and reporting enhancements to improve efficiency.
• Complete all required training applicable to this position.
• Regular and predictable attendance is an essential function of this position.
• Other duties, as assigned.

Benefits

• Paid Time Off (PTO) - 16 days annually + 9 Company paid holidays
• Competitive benefits - Medical, Rx, Dental, Vision, 401(k), Parental Leave, Life and Disability Insurance and more. You can review our benefits at www.weltman.com/careers for more information.
• Promotional opportunities from within the Firm
• Employee Perks available from Verizon, Car Dealerships, Local Movie Theaters, Theme Parks, etc.
• Positive office environment with regularly scheduled parties, contests, and community support initiatives
• On site "Bistro To Go" vending and fresh foods available
• Free parking
• Free onsite fitness center for all employees