Compliance Analyst, IT/Tech
Listed on 2026-05-23
IT/Tech
Information Security, Cybersecurity, IT Consultant, Data Security
IS Compliance Analyst
WECU is seeking an Information Security (IS) Compliance Analyst to join our Information Security department located in Bellingham, WA. This role will provide regulatory expertise in all aspects of WECU’s compliance for all applicable regulations. This role is responsible for assisting the Manager of Information Security Compliance to create, maintain, and implement the enterprise‑wide Information Security program, policy, and procedure documentation. The IS Compliance Analyst is responsible for providing risk analysis reviews to the Manager of Information Security Compliance for all internal, external, and third‑party hardware and software.
The IS Compliance Analyst notes deficiencies discovered in risk analysis and makes corrective recommendations to the Manager of Information Security Compliance. The IS Compliance Analyst acts as a liaison to other internal groups in the implementation of regulatory controls and provides regulatory assistance to the Manager of Information Security Compliance in both internal and external audits.
- Work with Manager of Information Security Compliance to provide subject matter expertise in the creation, implementation, and maintenance of appropriate enterprise programs, policies, and procedures to be compliant with all applicable regulations including, but not limited to, 12 CFR Part 748, GLBA, and others.
- Update and maintain WECU’s written Information Security policies, procedures, and risk management guidelines.
- Perform vendor due diligence reviews on new or existing vendors to evaluate Information Security risk to WECU.
- Process and respond to potential and actual cyber security incidents, or alerts issued through the US‑CERT, FS‑ISAC, or CISA as applicable to enterprise systems and operations.
- Work with the Manager of Information Security Compliance to establish, maintain, and institutionalize security incident response procedures to ensure that security events are thoroughly investigated, documented, and reported; that damage is minimized, that risks are mitigated, and that remedial actions are taken to prevent recurrence.
- Assist in staff training on Information Security Incident Response processes.
- Act as a liaison with other internal groups in the implementation of regulatory compliance solutions.
- Work with the Manager of Information Security Compliance to assure executive management's awareness of legal and regulatory changes that might impact information security and privacy policies and practices.
- Work with the Manager of Information Security Compliance to prepare reports on the status and effectiveness of the information security program.
- Work with the Information Security Team to coordinate, conduct, and review data security requirements, specifications, risk assessments, and, if applicable, third‑party risk assessments of any new or existing computer applications or services.
- Work with the Manager of Information Security Compliance to verify that security requirements are identified, and that risk mitigation plans are developed and contractually agreed to prior to the purchase of information technology hardware, software, and systems development services for any new high impact computer applications or computer applications that receive, maintain, and/or share confidential data.
- Review third‑party attestation and audit reports and provide feedback to business leaders and risk owners.
- Work with the Information Security Team to monitor and manage compliance of implemented enterprise information security controls.
- Complete Information Security Control Assessments.
- Other duties as assigned.
Education
- Bachelor's degree from four‑year college or university in Computer Science or Computer Security with three years related experience, or equivalent combination of education and/or experience related to the discipline.
- CISSP, CISA, or CRISC certifications are a plus.
- Financial services experience is a plus.
Skills
- Ability to utilize working knowledge of information security best practices such as: NIST 800 series, ISO 27000 series, ISA, or COBIT.
- Excellent skills in risk assessment processes, policy…