Aprio PH - Senior Compliance Analyst

Clark, Pampanga

Aprio

Future-focused business advisory and accounting services for entrepreneurs, businesses, investors and families.

Work with a nationally ranked CPA and advisory firm that is passionate for what's next. Aprio has 30 U.S. office locations, one in the Philippines and more than 2,100 team members that speak 60+ languages across the globe. By bringing together proven expertise, deep understanding, and strategic foresight for fast-growing industries, Aprio ensures clients are prepared for wherever life or business may take them. Discover a top-rated culture, vast growth opportunities and your next big career move with Aprio.
Join Aprio's Cybersecurity team and you will help clients maximize their opportunities. Aprio is a progressive, fast-growing firm looking for a Senior Compliance Analyst to join their dynamic team. 

Position Responsibilities:

  • Governance & Compliance:
      • Assist in developing, maintaining, and updating security policies, standards, and procedures to align with industry frameworks (e.g., NIST, ISO 27001, SOC 2, PCI-DSS).
      • Monitor compliance with regulatory requirements (e.g., GDPR, CCPA, HIPAA) and support audits by gathering evidence and preparing reports.
      • Support internal and external security assessments, including gap analyses and control testing.
  • Risk Management:
      • Conduct security risk assessments to identify vulnerabilities and recommend mitigation strategies.
      • Assist in the development of risk treatment plans and track remediation efforts.
      • Work with business units to identify potential security risks and implement appropriate controls.
  • Security Audits & Assessments:
      • Support security audits by collecting and reviewing evidence, documenting findings, and tracking corrective actions.
      • Assist in vendor risk management by evaluating third-party security postures and ensuring compliance with security requirements.
      • Maintain documentation and reports related to security risks, compliance activities, and control effectiveness.
  • Security Awareness & Training:
      • Help develop and deliver cybersecurity awareness training programs for employees.
      • Promote best practices for data protection, incident response, and regulatory compliance.

Qualifications & Skills:

  • Education: Bachelor’s degree in Information Security, Cybersecurity, Computer Science, Business, or a related field. Relevant certifications (CISA, CISSP, CRISC, or CISM) are a plus. 
  • Experience: 2-5 years of experience in cybersecurity, GRC, risk management, or IT compliance. 
  • Knowledge of Frameworks & Regulations: Familiarity with industry standards such as NIST, ISO 27001, SOC 2, PCI-DSS, GDPR, and HIPAA is a plus.
  • Technical Skills: Understanding of cybersecurity principles, risk assessment methodologies, and security controls. 
  • Analytical & Communication Skills: Strong problem-solving abilities, attention to detail, and ability to communicate security concepts to technical and non-technical stakeholders. 
  • Tools & Technologies: Experience with GRC tools, security auditing software, risk assessment platforms, and OneTrust is a plus. 

Perks/Benefits we offer for full-time team members:

  • Wellness program
  • HMO coverage
  • Rewards and Recognition program
  • Free shuttle service (provided by CDC | for onsite employees)
  • Free lunch meal (For onsite employees)
  • On-demand learning classes
  • Discretionary time off and Holidays
  • Performance-based salary increase
  • Discretionary incentive compensation based on client or individual performance
  • Hybrid set up to selected roles/location, terms and conditions may apply
  • CPA & Certification Assistance and Bonus Program

What's in it for you:

  • Working with an industry leader: Be part of a high-growth firm that is passionate for what's next.
  • A great team: Work with a high-energy, passionate, caring, and ambitious team of professionals in a collaborative culture.
  • Growth opportunities: Grow professionally in an environment that fosters continuous learning and advancement.
  • Competitive compensation: You will be rewarded with competitive compensation.

EQUAL OPPORTUNITY EMPLOYER

Aprio is an Equal Opportunity Employer encouraging diversity in the workplace. All qualified applicants will receive consideration for employment without regard to race; color; religion; national origin; sex; pregnancy; sexual orientation; gender identity and/or expression; age; disability; genetic information, citizenship status; military service obligations or any other category protected by applicable federal, state, or local law.

Tags: Audits CCPA CISA CISM CISSP Compliance Computer Science CRISC GDPR Governance HIPAA Incident response ISO 27001 NIST Risk assessment Risk management Security assessment SOC SOC 2 Vulnerabilities

Perks/benefits: Career development Competitive pay Wellness

Region: North America
Country: United States
