×
Register Here to Apply for Jobs or Post Jobs. X

Sr IT Analyst - Security

Job in Brentwood, Williamson County, Tennessee, 37027, USA
Listing for: GEODIS
Full Time position
Listed on 2026-07-13
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security
Salary/Wage Range or Industry Benchmark: 110000 - 160000 USD Yearly USD 110000.00 160000.00 YEAR
Job Description & How to Apply Below

Senior IT Analyst – Security

The Senior IT Analyst – Security is a key member of the Information Security team, responsible for maintaining and advancing the organization’s compliance posture across a broad portfolio of regulatory frameworks. Reporting to the Head of Security, this role leads audit readiness and evidence management for SOC 1, SOC 2, and HIPAA engagements; ope rationalises controls aligned to ISO 27001 and NIST frameworks; and serves as the internal subject‑matter expert for data protection regulations across North and South America.

Requires a practitioner who can translate technical security controls into audit‑ready artifacts and communicate risk clearly to both technical teams and executive stakeholders. Drives security governance, compliance, and risk management initiatives.

Who We Are

GEODIS specialises in unlocking business value in a complex world, ensuring seamless movement of goods worldwide. As a global third‑party logistics provider (3PL), we power a Better Way to Deliver for the world’s top brands and manufacturers. Fuel your career with GEODIS and discover endless growth opportunities.

Your role on the team
  • IT Compliance & Audit Management
  • Direct the planning, execution, and successful completion of annual SOC 1 Type 2 (SSAE 18 /AT‑C 320) and SOC 2 Type 2 audits, including audit scoping, control readiness assessments, evidence management, stakeholder coordination, and primary engagement with external auditors.
  • Lead company HIPAA Security Rule compliance initiatives by overseeing risk assessments, risk mitigation strategies, and the design, implementation, and documentation of administrative, physical, and technical safeguards to ensure ongoing regulatory compliance and operational effectiveness.
  • Provide guidance to control owners regarding compliance obligations, documentation expectations, evidence collection, remediation activities, and audit readiness.
  • Coordinate cross‑functional teams (IT, Engineering, HR, Legal) to gather and validate audit evidence in a timely manner.
  • Manage findings and observations through to closure, including root‑cause analysis, remediation planning, and evidence of corrective action.
  • Develop and maintain compliance metrics, dashboards, and reporting to support visibility into governance and compliance activities.
  • ISO 27001 & NIST Control Framework – Serve as a trusted internal subject‑matter expert (SME) for the ISO 27001 Information Security Management System (ISMS), providing strategic guidance on governance, policy development, risk management, control implementation, and management review processes.
  • Lead the alignment and mapping of organisational security policies, standards, and procedures to ISO 27001 Annex A controls, ensuring continued compliance and proactive adaptation to evolving regulatory and industry requirements.
  • Apply the NIST Cybersecurity Framework (CSF) and NIST SP 800‑53 control catalog to evaluate the design and operating effectiveness of security controls, identify compliance gaps, and strengthen the organisation’s cybersecurity posture.
  • Plan and execute periodic control assessments, internal audits, and maturity evaluations against ISO 27001 and NIST control frameworks, documenting findings, assessing risk impacts, and delivering prioritised remediation roadmaps to stakeholders.
  • Partner with business, technology, and compliance teams to drive corrective action plans, monitor remediation efforts, and validate control improvements through ongoing governance and assurance activities.
  • Support external audits, customer due diligence reviews, and third‑party security assessments by providing control documentation, evidence packages, and framework mappings that demonstrate compliance with ISO 27001 and NIST requirements.
  • Maintain awareness of emerging cybersecurity standards, regulatory developments, and industry best practices to continuously enhance the organisation’s security governance and control environment.
  • Data Protection & Privacy Compliance – Americas – Monitor, interpret, and implement data protection and privacy requirements across the Americas, including U.S. state privacy laws (CCPA/CPRA, VCDPA, CPA, TDPSA), GLBA,…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary