Security & Compliance Analyst

At DNSFilter, our mission is to safeguard our customers and partners with exceptional products! We are transforming the landscape of network security by delivering fast, precise, and dependable threat protection and content filtering solutions. As a rapidly expanding company, we are committed to fostering a safer internet for businesses and organizations globally. Utilizing AI-powered threat intelligence, DNSFilter enables our customers to proactively block threats before they disrupt their networks. We cultivate a collaborative, innovative, and results-driven culture where every team member plays a vital role in our mission to enhance internet safety. As we continue to grow through innovative product enhancements, we are searching for a passionate Security & Compliance Analyst to lead our compliance initiatives and engage in hands-on security operations. This hybrid role consists of approximately 70% Governance, Risk, and Compliance and 30% Security Operations. You will be instrumental in maintaining our compliance framework while also delving into projects related to access management, device posture, and security observability. This position is not just about drafting policies that go unread; you will collaborate closely with our security team, engage with real systems, and make tangible improvements to our security posture. We welcome candidates with experience in fast-paced, small to mid-sized SaaS start-ups or scale-ups. This is a full-time position, preferably for candidates located in the United States. We understand that individuals bring diverse experiences and skills beyond technical requirements. If this role resonates with you, we encourage you to apply. We value diversity of experience and believe that a combination of skills and passion drives innovation and excellence. Therefore, we invite applicants from all backgrounds to apply!

**This position is contingent upon contract award**SOSi is looking for a dedicated Security & Compliance Analyst to fulfill mission requirements by developing, integrating, and maintaining a scalable and federated data ecosystem. This role is crucial for enhancing interoperability, governance, and mission-driven analytics for our Department of Defense (DoD) client. The primary goal is to address operational challenges between DoD, Intelligence Community (IC), interagency, and international partners, facilitating real-time information exchange and customized analytical capabilities.Key Responsibilities:Oversee and validate Kubernetes and data lake deployments to ensure compliance with Risk Management Framework (RMF), NIST 800-53, and DoD IL4/IL5 standards, in collaboration with cybersecurity teams.Maintain continuous monitoring dashboards and conduct vulnerability assessments of the deployed infrastructure and workloads, supporting the agency’s Authority to Operate (ATO) process and overall risk posture.Draft and update security documentation, including System Security Plans (SSPs), Security Assessment Reports (SARs), and Plans of Action and Milestones (POA&Ms) to reflect architectural changes and risk conditions.Implement encryption, logging, and identity access management policies (IAM, RBAC, audit logging) to ensure accountability across the Kubernetes-based data environment.Compile the Security & Compliance Assessment Report, summarizing control effectiveness, findings, and suggested remediation measures.

At the forefront of technological innovation, Pure Storage is transforming the data storage industry. Join a team that values innovative thinking and offers opportunities for professional growth while collaborating with some of the brightest minds in the tech sector.If you're passionate about making a global impact and eager to explore countless opportunities, we invite you to become part of our mission.THE ROLEAt Pure Storage, Information Security is paramount. Our Security team, a critical engineering-focused unit, is dedicated to safeguarding both our corporate environment and our services. We prioritize staying ahead of the latest security technologies and proactively addressing the ever-evolving threat landscape.We are on the lookout for a proactive, detail-oriented Security Analyst, Compliance who can independently manage compliance certification programs with minimal supervision while actively supporting the overall compliance initiatives of our team.WHAT YOU'LL DOImplement and manage compliance certification programs (such as SOC 2, ISO 27001, FedRAMP, Common Criteria) to ensure all security and regulatory requirements are fulfilled.Work collaboratively with cross-functional teams (including Engineering, Legal, and Product) and liaise with external auditors/stakeholders to facilitate smooth project execution and successful outcomes.Support internal teams by conducting independent assessments and audits, translating complex security and compliance controls into actionable technical solutions and implementation strategies.Develop, track, and report on key compliance metrics (KCMs), continuously seeking process improvements to align with evolving industry standards and best practices.Create and maintain comprehensive compliance documentation, including control narratives, audit evidence, and supporting materials, ensuring they are accurate, up-to-date, and ready for audits.Independently oversee recurring tasks and events such as access reviews and vulnerability scans across various business units with different scopes.This is primarily an in-office role, and you will be expected to work from our Lehi, UT office in accordance with Pure's policies unless you are on PTO, business travel, or other approved leave.

Join Blackpoint Cyber as a Security Compliance Analyst and play a vital role in ensuring our cybersecurity compliance framework is robust and effective. In this fully remote position, you will collaborate with cross-functional teams to audit and enhance security policies, ensuring adherence to industry standards. Your analytical skills will be pivotal in identifying potential vulnerabilities and recommending solutions to mitigate risks.

Join Hive as a Security Compliance Analyst, where you will play a pivotal role in ensuring our information security governance and compliance standards are met. Collaborate with engineers and auditors to strengthen our security compliance framework. You will be responsible for addressing auditors' inquiries and managing on-call operations, while contributing to the risk management program led by our Information Security team. If you're passionate about securing innovative AI solutions, we want to hear from you!

About UsAt Rain, we are pioneering the future of payments on a global scale. Our dynamic team, composed of seasoned founders and innovators, is dedicated to making stablecoins accessible in the real world. We facilitate card transactions, cross-border payments, B2B purchases, remittances, and more, partnering with fintechs, neobanks, and institutions to create inclusive and efficient solutions. Join us in shaping a borderless financial future at a rapidly growing company backed by top investors in the fintech, crypto, and SaaS sectors.Our CultureWe embrace a flat organizational structure that empowers every team member to grow in alignment with their personal goals. Everyone, regardless of their role, is encouraged to share ideas and contribute to the company's roadmap and vision.Your RoleLead the compliance program for DORA, SOC 2, SOC 1, GDPR, and PCI, ensuring adherence to regulatory and audit standards.Oversee compliance audits and certifications from start to finish, including renewals and new certifications.Update and refine Rain’s policies to align with regulatory expectations consistently across all entities.Collaborate with engineering, security, legal, and operations teams to ensure operational compliance with our policies.Promote a proactive compliance culture by educating the team on obligations and integrating compliance into daily operations.Identify potential compliance gaps early and implement remediation strategies to ensure audit readiness.Support the team in enhancing compliance-related activities, including KYB, KYC, and AML processes, informed by operational data.QualificationsOpen to candidates based in the US and EU.3–7+ years of experience in compliance, GRC, or security assurance, preferably in fintech, payments, SaaS, or similar regulated sectors.Strong knowledge of SOC 2, SOC 1, GDPR, PCI, and other compliance frameworks.Excellent analytical and problem-solving skills.Strong communication skills and ability to work collaboratively.

At OneStudyTeam, a subsidiary of Reify Health, we are dedicated to accelerating clinical trials and enhancing the likelihood of new therapies receiving approval, with the ultimate aim of improving patient outcomes. Our innovative cloud-based platform, StudyTeam, digitizes research site workflows, enabling sites, sponsors, and other key stakeholders to collaborate more efficiently. Trusted by leading global biopharmaceutical companies, StudyTeam is utilized in over 6,000 research sites across more than 100 countries. Join us in our mission to enhance clinical research and patient care.One mission. One team. That’s OneStudyTeam.We are looking for a Senior Security Compliance Analyst with a solid background in Governance, Risk, and Compliance (GRC) to bolster our security and compliance initiatives within the healthcare sector. This pivotal role is essential for ensuring compliance with industry regulations, addressing customer audits, and upholding adherence to ISO 27001, HIPAA, and other critical security frameworks.The successful candidate will possess a meticulous attention to detail, capable of navigating complex regulatory landscapes, supporting both internal and external audits, and driving continuous enhancements in security governance. The ideal candidate will operate autonomously while fulfilling the following responsibilities.Key Responsibilities:Lead and facilitate customer security audits, addressing security questionnaires and demonstrating compliance with security frameworks.Prepare, coordinate, and oversee ISO 27001 audits, including evidence gathering, control implementation, and auditor engagement.Ensure ongoing compliance with HIPAA, NIST CSF, and other regulatory standards relevant to healthcare data security.Develop and uphold policies, procedures, and security documentation to meet regulatory and contractual requirements.Conduct gap analyses and risk assessments to pinpoint and mitigate compliance risks.Manage and enhance security governance frameworks, ensuring alignment with industry best practices and organizational objectives.Execute third-party vendor risk assessments, confirming adherence to security policies and contractual obligations.Monitor security controls to ensure effectiveness and promote ongoing improvement in line with security frameworks.Support security awareness training initiatives to ensure staff are well-versed in compliance responsibilities.Stay abreast of ISO 27001, HIPAA, NIST 800-53, and other pertinent standards, translating complex requirements into actionable policies.

Join NetBrain Technologies as a Senior Security Compliance Analyst, where you will play a vital role in safeguarding our organizational integrity and compliance with security regulations. In this hybrid position based in Burlington, MA, you will collaborate with cross-functional teams to develop, implement, and maintain security compliance programs that align with industry standards.

About OpenSesame OpenSesame is your trusted ally in Workforce Reinvention amidst the evolving landscape of AI. We provide integrated software solutions, curated content, and expert services to seamlessly embed learning, HR, and work systems, empowering organizations to harness their human+AI potential and flourish through transformation. Learn more: www.opensesame.com/about About the Role As a Senior Security Analyst on our Compliance team, you will play a pivotal role in enhancing OpenSesame’s security framework in a dynamic, high-growth setting. We seek an individual with profound technical security knowledge, a proactive approach, and the ability to simplify intricate risks into effective, scalable solutions. This position encompasses vulnerability management, penetration testing, bug bounty programs, cloud and application security, and audit preparedness. Collaborating with teams across Engineering, DevOps, IT, and Compliance, you will enhance security processes, support compliance initiatives, and ensure that security is ingrained in our operations, particularly as we advance our AI security methodology. We value demonstrated experience in your career that showcases your capability to manage penetration testing programs, establish vulnerability management systems, implement security automation, and guide organizations in the secure adoption of modern technologies, including AI. You will thrive in this role if you are detail-oriented, collaborative, and eager to create programs that mitigate risks, enhance visibility, and foster safe innovation across the organization. Performance Objectives Gain a comprehensive understanding of OpenSesame’s external attack surface, vulnerabilities, and threat landscape by integrating data from CrowdStrike, AWS, GCP, and application security tools. Oversee external penetration testing engagements from start to finish, including vendor selection, scope design, execution supervision, remediation validation, and executive reporting. Establish and operationalize a structured vulnerability management program in collaboration with DevOps, Engineering, and IT to effectively prioritize and mitigate risks. Develop scalable evidence collection and control mapping workflows using Drata to enhance audit readiness and streamline processes.

At Hot Topic, technology plays a vital role in driving our operations forward. We are seeking a dynamic Senior Information Security Compliance Analyst to join our team. This pivotal role involves the implementation and management of our information security compliance framework and program. You will collaborate closely with various departments, including IT, e-commerce, legal, and business units, to ensure that we meet all compliance requirements.The ideal candidate will possess extensive experience in compliance management frameworks and programs, a thorough understanding of information security technologies, and a solid knowledge of data privacy laws and regulations. This role requires effective collaboration with development teams, legal advisors, IT staff, engineering, and operational personnel to assess, report, and uphold compliance with security industry standards and regulatory mandates.This position requires on-site presence two days a week at our headquarters in City of Industry, CA.The salary range for this position is $100,000 - $115,000.Please note that the final salary will be determined based on various factors, including the candidate's education, location, qualifications, training, and experience.

Join Us in Shaping the Future of CryptocurrencyAt Kraken, our team of dedicated Krakenites is driven by a shared passion for cryptocurrency and blockchain technology. We strive to uncover and maximize the potential of these transformative innovations.Why Choose Kraken?Kraken is not just a company; it's a movement fueled by our commitment to the core values of crypto. As a part of our team, you'll contribute to our mission of accelerating the global adoption of cryptocurrency, empowering individuals towards financial freedom and inclusivity. For over ten years, our unwavering focus on this mission and our crypto ethos has drawn some of the brightest minds in the industry.Prior to applying, we encourage you to explore our Kraken Culture page to understand our values and internal culture better. Candidates should also become familiar with the Kraken app; learn how to create an account here.As a fully remote organization, we proudly have Krakenites in over 70 countries, communicating in more than 50 languages. Our team consists of industry leaders who create top-tier crypto products for seasoned traders, institutions, and newcomers alike. Kraken emphasizes leading security practices, crypto education, and exceptional customer support through our offerings, including Kraken Pro, Desktop, Wallet, and Kraken Futures.Become a part of the Kraken family and help us build the future of crypto!Proven Track RecordAbout the TeamKraken's elite Security Team is expanding. As we continue to enhance our information technology controls program, we are looking for a senior professional to join us...

**This position is contingent upon contract award**SOSi is on the lookout for a dedicated Security & Compliance Administrator to play a pivotal role in supporting mission objectives. This position involves a structured approach to developing, integrating, and maintaining a scalable, federated data ecosystem, aimed at enhancing interoperability, governance, and mission-driven analytics for our Department of Defense (DoD) clientele.Key Responsibilities:Oversee and validate Kubernetes and data lake deployments to ensure compliance with Risk Management Framework (RMF), NIST 800-53, and DoD IL4/IL5 standards, collaborating with agency cybersecurity teams.Develop and maintain continuous monitoring dashboards while performing vulnerability scans on deployed infrastructure and workloads, thereby aiding the agency’s Authority to Operate (ATO) process and overall risk posture.Draft and update essential system security documentation, including System Security Plans (SSPs), Security Assessment Reports (SARs), and Plans of Action and Milestones (POA&Ms), reflecting updates to architecture, controls, or risk conditions.Implement and enforce encryption, logging, and identity access policies (IAM, RBAC, audit logging) to ensure robust traceability and accountability throughout the Kubernetes-based data architecture.Compile the Security & Compliance Assessment Report, providing a detailed summary of control effectiveness, findings, and suggested remediation actions.

Join Acumen LLC as a dedicated Information Security Compliance Analyst I, where you will play a crucial role in ensuring our information security policies and procedures are met. This position is perfect for individuals passionate about maintaining compliance and enhancing data protection measures.

CLEAR builds a secure identity platform used by over 38 million members worldwide. Our technology helps people move smoothly through airports, stadiums, and other venues, with a growing network of partners. Role Overview The Security Compliance Analyst will oversee IT General Controls (ITGCs) and support SOX audit readiness. This position focuses on strengthening compliance processes, improving the quality of evidence, and maintaining strong controls as CLEAR grows.

Join 360IT Professionals as a Junior Security Analyst in Lansing, Michigan! In this entry-level role, you will play a pivotal part in ensuring the security and compliance of our clients' information systems by applying the NIST framework. You will assist in identifying vulnerabilities, implementing security measures, and monitoring compliance with security policies.

At Notable, we are revolutionizing healthcare through our cutting-edge AI platform, enhancing workforce efficiency across health systems, hospitals, and payers. Our innovative solutions empower organizations to elevate the quality of care, bridge gaps in patient services, and drive member enrollment and retention—all while enabling scalable growth without the need for additional staffing.We are dedicated to transforming the healthcare landscape for patients, staff, and healthcare professionals alike. Our mission to positively impact the lives of 100 million patients is not just a vision; it's a reality we strive to achieve every day. By joining Notable, you become part of a team that is actively reshaping the future of healthcare.Our workplace culture is centered around purposeful collaboration, providing every individual the opportunity to excel in their role, work alongside top-tier colleagues, and enjoy the journey of accomplishing remarkable goals together.Role Overview:As a Security Analyst at Notable, you will play a pivotal role in safeguarding the sensitive healthcare data entrusted to us. You'll be responsible for maintaining our Information Security Management System (ISMS) policies and procedures in accordance with the latest industry best practices and security protocols. Your expertise will be essential in facilitating external security audits and collaborating with the information security teams of our clients. Working closely with various teams—including Product Management, Engineering, Sales, Operations, and Customer Success—you will ensure that information security is a fundamental aspect of our organizational decision-making.Key Responsibilities:Maintain and enhance Notable’s ISMS policy and procedural documentationAssist in conducting internal and external security audits (HITRUST, SOC 2, ISO, PCI)Guide Notable teams in ensuring ISMS compliance and addressing risk assessmentsEvaluate external vendors for adherence to ISMS standardsLead internal audits and investigations to ensure complianceComplete customer information security questionnaires and documentation requestsThrive in a fast-paced, collaborative environmentManage security compliance projects within GCP/AWS cloud environmentsDevelop and deliver effective security awareness training and materials (covering security protocols, PHI handling, and HIPAA compliance)

Join Filevine, a pioneering Legal AI company, as we redefine the future of legal work through Legal Operating Intelligence. Our innovative platform integrates data, documents, workflows, and teams into a cohesive system, ensuring clarity and consistency in modern legal operations.At the heart of our solutions is LOIS, the Legal Operating Intelligence System, which transforms legal processes from reactive to proactive. LOIS intelligently analyzes data to provide valuable insights, streamline complexities, and empower professionals with the knowledge and confidence to excel. Our commitment to excellence has garnered accolades and recognition from Deloitte and Inc., establishing Filevine as one of the fastest-growing and most innovative technology firms in the nation.Position Overview:We are seeking a dedicated Security Compliance Manager to strengthen our Information Security team. In this role, you will be responsible for ensuring that our platform, applications, and infrastructure meet the highest security and compliance standards, thereby safeguarding and enhancing customer trust. If you are a driven, detail-oriented professional with a passion for security and compliance, we invite you to explore this exciting opportunity to be part of a world-class team.

Rezilient is rethinking primary care by blending virtual provider visits with technology, aiming to make healthcare more accessible for patients. As the company grows, new specialty services are added and care delivery continues to evolve, always keeping patient well-being as the top priority. Role overview The Security and Compliance Manager leads Rezilient’s governance, risk, and compliance functions. This position manages essential frameworks and certifications, including SOC 2, HIPAA/HITECH, and HITRUST. The role involves maintaining security policies, coordinating audits, and ensuring vendors meet established standards. Key responsibilities Oversee the implementation and ongoing management of security and compliance frameworks Manage certifications and audits, such as SOC 2, HIPAA/HITECH, and HITRUST Develop and update security policies and procedures Monitor vendor compliance with Rezilient’s requirements Collaborate with product, engineering, clinical operations, and IT teams Integrate security and compliance into product development, care delivery, and internal systems Location This is a remote role based in the United States.

Role: Information Security AnalystLocation: Boston, MAContract Duration: 6 to 12+ Months!! Open to Green Card Holders and U.S. Citizens Only !!Required Qualifications:Bachelor's degree in Business with IT audit or compliance experience, or a degree in Computer Science with a focus on business and IT Audit/Compliance is preferred.5-7 years of overall IT experience.A minimum of 3 years of experience in a Security Analyst role.Familiarity with regulatory standards such as SOC, ISO, and Privacy Shield is advantageous.Experience with diverse technologies, including SharePoint, various networks, platforms, and applications. Understanding of IT audit methodologies and control frameworks is essential.Knowledge of Linux systems is a plus.Familiarity with security scanning and penetration testing tools (e.g., OpenVAS, Qualys, Acunetix) is beneficial; CISSP certification is preferred.Job Responsibilities:Provide expertise in information security to support compliance with information systems (SOC2 Type 2, ISO27K). Engage with pre-sales, sales, and post-sales activities at eFront.Propose and implement business processes to enhance overall security posture at eFront.Conduct regular reviews of security and privacy policies.Stay abreast of evolving security and privacy landscapes and propose relevant initiatives.Collaborate with both internal and external stakeholders on security audits and remediation processes.Monitor compliance against information security policies and standards through testing, internal control reviews, and risk assessments.Maintain awareness of external regulations and new requirements within IT, and identify industry standards that inform core IT processes (e.g., ISO27001, NIST, SSAE16).This role represents the company’s interests with customers, auditors, and third-party service providers.Facilitate internal and external audits within IT and conduct periodic assessments to address specific risks.Review IT audit findings with various IT functions, providing observations and recommendations while assisting in identifying control gaps and evaluating management action plans.

Join our team as a Senior Compliance Analyst, where you will play a crucial role in ensuring that our operations align with regulatory standards and internal policies. You will assess compliance risks, conduct audits, and implement strategies to mitigate potential issues. This position offers an exciting opportunity to work collaboratively with various departments to enhance our compliance framework and safeguard our integrity.