Remote Senior Security Compliance Analyst (Remote - US)

at Jobgether

Posted 2 days ago

Description:

  • Join a growing, remote-first SaaS company as a Senior Security Compliance Analyst in the United States.
  • Lead enterprise-level compliance efforts and own key security certifications such as FedRAMP, DoD IL2-5, SOC 2, and ISO 27001.
  • Work cross-functionally with teams across Engineering, Product, Sales, and HR to manage audit cycles, assess risk, and strengthen security practices.
  • Play a pivotal part in maintaining the organization’s credibility with government and enterprise clients.
  • This role offers an excellent opportunity for experienced professionals ready to make a high-impact contribution in a flexible, dynamic work environment.
  • Lead and manage compliance initiatives including FedRAMP, DoD IL2-IL4, SOC 2, PCI-DSS, and ISO 27001.
  • Serve as the internal subject matter expert across all relevant security frameworks and regulations.
  • Conduct detailed technical control assessments, policy reviews, and risk-based walkthroughs.
  • Provide executive-level reporting on residual risk, vulnerabilities, and overall compliance posture.
  • Support security automation and continuous monitoring projects to enhance efficiency.
  • Respond to customer security assessments, vendor questionnaires, and RFPs with technical expertise.
  • Guide teams through audit processes and ensure successful ongoing certification maintenance.
  • Champion the development of policies and training programs and the implementation of best practices.
  • Act as the primary point of contact for government security compliance matters.

Requirements:

  • Minimum of 5 years of experience managing security compliance audits, especially FedRAMP, DoD IL2-5, SOC 2, ISO 27001, and PCI.
  • Deep understanding of NIST 800-53, DoD SRG, and associated continuous monitoring processes.
  • Experience collaborating with Engineering, IT, Product, and other business teams.
  • Familiarity with privacy and security frameworks like GDPR, CCPA, CPRA, and EU Cyber Resilience Act is a plus.
  • Proven ability to produce clear and actionable risk assessments and remediation strategies.
  • U.S. citizenship is required due to the nature of compliance regulations.
  • Must hold either a CISSP or Security+ certification in good standing.
  • Additional certifications such as CISM, CISA, CRISC, SANS GIAC, or ISO 27001 Lead Auditor are a strong plus.

Benefits:

  • Salary range is $115,000 - $130,000.
  • 100% remote work with flexible scheduling.
  • Health, dental, and vision insurance for U.S.-based team members.
  • Mental health support via SpringHealth.
  • 401(k) with a 4% company match.
  • Unlimited PTO, with a minimum of 2 weeks of use required.
  • 9 paid company holidays.
  • Up to 16 weeks of paid parental leave.
  • Annual budget for professional development.
  • Charitable donation matching.
  • Company-provided Mac laptop.
  • A vibrant and collaborative remote culture with a focus on work-life balance.