Remote Senior Information Security Analyst (Compliance)

Please, let Granicus know you found this job on RemoteYeah. This helps us grow 🌱.

Description:

  • Granicus is seeking an experienced Senior Information Security Analyst with a focus on compliance audits and control mapping.
  • The role involves managing external compliance audits for frameworks such as FedRAMP, TxRAMP, ISO 27001, SOC 2, HIPAA, FISMA, CJIS, PCI, and Cyber Essentials.
  • Responsibilities include preparing for internal audits, reviewing evidence, coordinating schedules, and managing deliverables.
  • The analyst will centralize and manage audit runbooks, track audit findings, and lead retrospections to identify improvement opportunities.
  • The position requires building relationships with external auditors and control owners, providing guidance on compliance requirements, and participating in change control review meetings.
  • The analyst will manage security projects aimed at improving the Information Security Management System (ISMS) and assist as a security subject matter expert for support requests.
  • The role also involves responding to customer inquiries and maintaining a security answer library, as well as reviewing and updating security training content annually.

Requirements:

  • Candidates must have 7+ years of experience in information security and compliance.
  • Direct experience leading third-party cloud security audits, such as ISO 27001, SOC 2 Type II, FedRAMP, StateRAMP, and TxRAMP, is required.
  • Knowledge of common security frameworks, including NIST 800-53, ISO 27001, PCI, HIPAA, SOC 2, and Cyber Essentials, is essential.
  • The candidate should understand the nuances between different audit frameworks to educate and support internal control owners.
  • Experience in documenting company security policies and procedures is necessary.
  • Strong written and verbal communication skills are required.
  • Program management experience for multiple compliance frameworks is needed.
  • Familiarity with a robust product set, including software and cloud services, is important.
  • The ability to work with both technical and non-technical teams is essential.
  • Familiarity with AWS, Azure, and/or GCP cloud security and infrastructure is preferred.
  • Relevant security certifications such as CISSP, CISM, CISA, CRISC, or equivalent are a plus.

Benefits:

  • Granicus promotes a remote-first work environment with a globally distributed workforce.
  • The company fosters a transparent, inclusive, and safe culture, encouraging diverse voices through Employee Resource Groups.
  • Employees have opportunities to engage with leadership, including sessions with the CEO on important issues.
  • The company supports various community-focused Microsoft Teams groups centered on wellness, art, family, and more.
  • Granicus is committed to equal employment opportunities, ensuring all qualified applicants are considered without discrimination.