Job Title: Compliance Analyst (GRC / Security Compliance)
Location: 100% Remote
Duration: Long Term
Job Summary:
We are seeking a detail-oriented Compliance Analyst to support governance, risk, and compliance (GRC) initiatives across global security frameworks. This role focuses on risk identification, assessment, monitoring, and reporting, with a strong emphasis on regulatory compliance programs such as IRAP, FedRAMP, and DoD.
The ideal candidate will have experience in security compliance, audits, vendor risk management, and customer assurance within cloud/SaaS environments, along with a strong understanding of industry frameworks and control assessments.
Key Responsibilities
- Support risk identification, assessment, monitoring, and reporting activities across the organization
- Assist in internal and external audits, including control testing, evidence collection, and compliance reporting
- Work with cross-functional teams to define, prioritize, and track remediation efforts
- Validate and verify implementation of remediation actions
- Conduct vendor and third-party risk assessments
- Support customer assurance activities by addressing security and compliance inquiries
- Contribute to governance, risk, and compliance (GRC) initiatives and advisory functions
- Continuously identify opportunities to improve or automate compliance processes
Required Qualifications
- 3+ years of experience in IT/security compliance, risk management, or GRC
- Hands-on experience with compliance frameworks such as:
  - IRAP (Australian Signals Directorate)
  - FedRAMP
  - NIST
  - DoD SRG (Cloud Computing Security Requirements Guide)
  - CMMC or similar standards
- Experience in audit, control assessment, and compliance program execution
- Exposure to program/project management and compliance lifecycle activities
- Solid understanding of:
  - Operating systems (Windows, Linux)
  - Networking and infrastructure
  - Databases and application environments
  - Virtualization and cloud platforms (AWS, Azure, SaaS)
Preferred / Nice-to-Have Skills
- Experience creating System Security Plans (SSPs) or authorization documentation
- Familiarity with federal compliance authorization processes
- Ability to translate risk into actionable business strategies
- Experience with cloud-based environments and SaaS platforms
- Exposure to Apptio products/services (or similar FinOps tools)
- Strong analytical mindset with a focus on process improvement and automation
- Willingness to learn and adapt to new technologies and domains