Security Compliance Analyst

Headquarters, Winston-Salem, NC, United States

Inmar Intelligence

Inmar Intelligence leverages data science and technology to power reliable, dynamic solutions for brands, retailers, and healthcare organizations — including incentives and loyalty, media, returns, and healthcare solutions.



Job Summary:
The Security Compliance Analyst ensures Inmar Intelligence adheres to applicable security standards, regulations, and frameworks. They collaborate across teams to identify compliance gaps, implement corrective actions, and strengthen our security posture.

Key Responsibilities:

  • Analyze regulatory requirements, industry standards, and internal policies to ensure compliance with frameworks such as NIST CSF, SOC 2, PCI DSS, and GDPR.

  • Conduct regular audits and assessments of systems, processes, and third-party vendors to identify compliance gaps.

  • Participate in and support client audits, internal/external audits, and quality assessments to ensure compliance with organizational and regulatory requirements.

  • Collaborate with cross-functional teams to implement and document security controls, ensuring alignment with organizational goals so that compliance objectives are met.

  • Develop and maintain compliance documentation, including risk assessments, policies, and procedures, to support audits and certifications.

  • Monitor changes in regulations, industry standards, and best practices to update internal policies and frameworks proactively.

  • Support incident response teams by ensuring post-incident reviews address compliance-related aspects.

  • Train team members on compliance requirements and security best practices to cultivate a culture of accountability and awareness.

  • Generate compliance reports and present findings to leadership, outlining actionable recommendations to mitigate risks.

  • Analyze and respond to third-party security requests, such as RFPs, RFIs, and security questionnaires.

  • Conduct contract reviews in collaboration with relevant stakeholders to identify security and compliance risks.

  • Support security governance, risk, and compliance project efforts as needed.

Required Qualifications:

  • Proven experience in compliance, risk management, or cybersecurity roles.

  • In-depth knowledge of regulatory frameworks and security standards (e.g., NIST CSF, CIS Controls, OWASP, CPRA).

  • Experience conducting audits or managing certifications such as SOC 2, NIST CSF, or similar.

  • Proficiency with GRC tools or platforms.

  • Strong analytical skills with a detail-oriented approach to identifying and addressing risks.

  • Excellent communication skills, including the ability to present complex concepts to technical and non-technical audiences.

Preferred Qualifications:

  • Certifications such as CISSP, CISM, CRISC, or CISA.

  • Experience in cloud environments (e.g., AWS, Azure, GCP) and related compliance standards.

  • Familiarity with privacy regulations, such as GDPR and HIPAA.

We are an Equal Opportunity Employer, including disability/vets.


Tags: Audits AWS Azure CISA CISM CISSP Cloud Compliance CRISC GCP GDPR Governance HIPAA Incident response NIST OWASP PCI DSS Privacy Risk assessment Risk management SOC SOC 2

Region: North America
Country: United States
