×
Register Here to Apply for Jobs or Post Jobs. X

Security Compliance Analyst

Job in Raleigh, Wake County, North Carolina, 27601, USA
Listing for: Actalent
Full Time position
Listed on 2026-07-13
Job specializations:
  • IT/Tech
  • Quality Assurance - QA/QC
Salary/Wage Range or Industry Benchmark: 68880 - 75768 USD Yearly USD 68880.00 75768.00 YEAR
Job Description & How to Apply Below

Security Compliance Analyst

The Security Compliance Analyst leads the full certification lifecycle for key security frameworks, acting as the primary bridge between technical engineering teams and external auditors. This role focuses on managing ISO and SOC 2 Type 2 audits end‑to‑end, translating complex technical environments into audit‑ready evidence, and using AI and automation to reduce the compliance burden on engineering teams. The ideal candidate is a hands‑on compliance practitioner who understands the realities of SaaS products and can clearly articulate technical control requirements to both technical and non‑technical stakeholders.

Responsibilities
  • Own and drive the full lifecycle of ISO and SOC 2 Type 2 audits, from initial planning through final reporting.
  • Define detailed audit requirements and translate control language into clear, actionable technical requests for engineering teams.
  • Request, collect, and organize evidence from technical owners, ensuring completeness, accuracy, and audit readiness.
  • Review and validate the integrity and sufficiency of technical evidence, identifying gaps, inconsistencies, or invalid submissions.
  • Track remediation activities for identified gaps and follow up with stakeholders to ensure timely closure of issues.
  • Serve as the primary liaison with external audit firms, speaking the language of auditors and effectively defending the control environment.
  • Create and maintain an annual audit calendar, including timelines, milestones, and preparation activities for audit windows.
  • Ensure the organization is well prepared for audits by coordinating pre‑audit reviews, walkthroughs, and readiness assessments.
  • Utilize AI and large language models to automate evidence collection, parse system logs, draft control descriptions, and identify potential compliance gaps before audits.
  • Apply a human‑in‑the‑loop approach to AI usage by critically reviewing and validating AI‑generated outputs for accuracy and completeness.
  • Review technical configuration reports for infrastructure, networking, containers, and databases to determine whether settings align with secure configuration expectations.
  • Research and identify appropriate secure configurations and control implementations for technologies not previously encountered.
  • Clearly explain to engineers what specific evidence or configurations are required, using precise technical language rather than generic control descriptions.
  • Collaborate with engineering and security teams to define and refine technical controls that align with ISO, SOC 2 Type 2, and other relevant frameworks.
  • Communicate complex compliance requirements in clear, accessible terms to non‑technical stakeholders across the organization.
  • Push back constructively on auditors when appropriate, providing reasoned explanations and evidence to support the existing control environment.
  • Contribute to the continuous improvement of compliance processes by identifying opportunities to streamline workflows and reduce manual effort through automation and AI.
Essential Skills
  • Proven, specific experience managing end‑to‑end ISO and SOC 2 Type 2 audits, including planning, execution, and final reporting.
  • Baseline understanding of ISO and SOC 2 Type 2 frameworks and their associated control requirements.
  • Experience running audits, with a preference for technology‑focused auditing experience.
  • Demonstrated ability to understand and assess technical controls in cloud and SaaS environments.
  • Technical literacy in cloud platforms, with a particular preference for experience with AWS.
  • Ability to read and interpret technical configuration reports and determine whether configurations meet secure standards.
  • Capability to identify when provided technical evidence is insufficient or invalid and to request appropriate corrective evidence.
  • Demonstrated experience using AI and large language models to streamline compliance and audit tasks, including evidence collection and analysis.
  • A clear human‑in‑the‑loop philosophy for validating AI output to ensure accuracy and reliability.
  • Strong communication skills, including the ability to explain complex compliance requirements to non‑technical stakeholders.
  • Ability to…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary