Security And Compliance Analyst
Propelus
Summary
Join Propelus as a Security and Compliance Analyst and ensure the company maintains the highest security and compliance standards. You will manage compliance audits, respond to security questionnaires, and identify risks, leveraging automation tools to streamline workflows. This role requires collaboration with internal and external stakeholders, including auditors and government agencies. The ideal candidate is detail-oriented, technically proficient, and possesses excellent communication skills. You will be responsible for maintaining security documentation, implementing automation, and acting as a subject matter expert on various compliance frameworks. Propelus offers a comprehensive benefits package, including professional development opportunities, flexible work arrangements, and a 401k with company matching.
Requirements
- Minimum of three years of experience in security and compliance-related roles
- Bachelor's degree in a related field or equivalent relevant experience
- Strong understanding of security concepts such as authentication, authorization, encryption, and availability
- Experience with compliance frameworks including NIST, SOC2 Type II, CMMC, StateRAMP, FedRAMP, HIPAA/HITECH, or similar
- Proficiency with Google Workspace, Microsoft Office, and other productivity tools
- Excellent written and verbal communication skills with the ability to translate technical details for diverse audiences
- Strong problem-solving skills and ability to work independently in a fast-paced environment
Responsibilities
- Complete and manage security compliance questionnaires from clients
- Lead audit meetings, effectively communicating security practices and providing necessary documentation
- Identify compliance gaps and proactively address potential risks to recurring compliance initiatives
- Maintain and update documentation, including internal security policies, procedures, and periodic security reviews
- Collaborate with external auditors, internal employees, and regulatory bodies to ensure compliance with industry standards
- Implement automation tools to enhance compliance workflow efficiency
- Regularly assess and improve compliance processes to align with evolving security requirements
- Monitor security controls and ensure continuous compliance with relevant frameworks
- Act as a subject matter expert on compliance frameworks such as NIST, SOC2 Type II, CMMC, StateRAMP, FedRAMP, and HIPAA/HITECH
- Educate and train internal stakeholders on security policies, standards, and best practices
- Provide clear and concise explanations of security concepts to non-technical stakeholders
Preferred Qualifications
- Security certifications such as CC, Security+, CEH, or equivalent are preferred
Benefits
- Professional development allowance to help you grow in the ways that mean the most to you
- Flexibility for balancing work with the rest of life and ample PTO, including paid time off for volunteering and for becoming a new parent
- 401K with company matching, as well as financial planning education and resources
- Employees choose from HSA, FSA and traditional insurance options for medical, dental, and vision coverage for themselves and dependents
- Wellness benefits - we'll help you pay for fitness endeavors and organic produce delivery services