Senior IT Analyst - Security
Listed on 2026-07-16
-
IT/Tech
Information Security, Cybersecurity, IT Consultant
Role Overview
The Senior IT Analyst - Security is a key member of the Information Security team, responsible for maintaining and advancing the organization's compliance posture across a broad portfolio of regulatory frameworks. This role leads audit readiness and evidence management for SOC 1, SOC 2, and HIPAA engagements; operationalizes controls aligned to ISO 27001 and NIST frameworks; and serves as the internal subject‑matter expert for data protection regulations across North and South America.
WhatYou Will Do
- Direct the planning, execution, and successful completion of annual SOC 1 Type 2 and SOC 2 Type 2 audits, including audit scoping, control readiness assessments, evidence management, stakeholder coordination, and primary engagement with external auditors.
- Lead company HIPAA Security Rule compliance initiatives by overseeing risk assessments, risk mitigation strategies, and the design, implementation, and documentation of administrative, physical, and technical safeguards.
Requires a practitioner who can translate technical security controls into audit‑ready artifacts and communicate risk clearly to both technical teams and executive stakeholders. Drives security governance, compliance, and risk management initiatives.
Requirements- Bachelor's degree in Information Security, Computer Science, Information Systems, or a closely related field
- Minimum 6 years of progressive experience in information security, IT audit, or IT compliance roles
- Demonstrated hands‑on experience managing SOC 1 and/or SOC 2 audit engagements as an auditee‑side lead
- Direct experience with HIPAA Security Rule compliance programs, including risk analysis and safeguard documentation
- Practical working knowledge of ISO 27001 control domains and NIST SP 800‑53 or CSF control families
- Familiarity with data protection regulations in two or more Americas jurisdictions
- Experience writing and maintaining information security policies, standards, and procedures
- Proficiency with GRC platforms (e.g., One Trust, Vanta, Drata, Service Now GRC, or equivalent)
- Certifications — One or More
Required:
CISSP, CISA, CISM, ISO 27001 Lead Auditor or Lead Implementer, CRISCB
- Free telemedical access to doctors and therapists through First Stop Health
- Access wages early with the Rain financial wellness app
- Health, dental, and vision insurance after 30 days of employment
- 401k match
- Paid maternity and parental leave
- Access to career development, employee resource groups, and mentorship programs
- Employee discounts
- Access to employee perks like fitness class discounts and free access to a relaxation and meditation app
- Free financial wellness programs
- Daycare discount program
- Opportunities to volunteer and give back to your community
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).