Security Compliance Analyst III

About The Position

Requirements

• 5+ years of experience in information security, risk, compliance, governance, or privacy.
• Bachelor's degree in Computer Science, Information Security, or a related technical field; or equivalent related professional experience.
• Extensive experience in writing or managing security policies.
• Excellent writing and communication skills.
• Experience with technology, data security, and data privacy concepts.
• Proven ability to explain and defend positions to internal and external stakeholders.
• Strong sense of ownership and urgency.
• Strong foundation in Information Security principles and practices.

Nice To Haves

• Knowledge and experience with NIST CSF, ISO 27001, ISO 27018, PCI, SSAE 18, or SOC 2.
• Cyber Security Certification.
• Experience leading small teams in a collaborative environment.

Responsibilities

• Write, edit, maintain, and support security policies and standards.
• Evaluate security requirements and controls for design, effectiveness, and gaps.
• Represent security policy to business stakeholders.
• Support compliance initiatives and projects such as GDPR compliance, ISO 27001 certification, PCI DSS compliance authorization, and SOC 2 audits.
• Collaborate with legal and compliance teams to ensure policies meet legal requirements and industry regulations.
• Partner with compliance teams on audits and assessments and stay informed about regulatory updates.
• Assist with security policy exception requests, reviews, and monitoring.
• Understand the business organizational structure and culture to best attain objectives and results.

Benefits

• Exciting travel perks
• Generous time-off
• Parental leave
• Global hybrid work setup
• Career development resources