Senior Security Compliance Analyst

What We Need

We are seeking a security and compliance leader to build and operationalize a scalable security program for our SaaS environment. This role will define policies, drive alignment with frameworks such as SOC 2, ISO 27001, and NIST, and partner cross-functionally to embed compliance into engineering, infrastructure, and business processes. You will own risk management initiatives—including third-party risk, control testing, and audit readiness—while ensuring the organization is prepared for certifications and regulatory requirements. Additionally, you will enhance our security posture through automation, continuous monitoring, and proactive improvements to mitigate evolving threats and compliance risks.

What You'll Do

Security Program & Compliance

• Own and scale the company’s SaaS security and compliance program, aligning to frameworks such as SOC 2, ISO 27001, NIST, and GDPR.
• Define and implement security policies, standards, and controls to meet regulatory and business requirements.

Risk Management & Audits

• Lead risk management efforts, including third-party risk assessments, control testing, and gap analysis.
• Drive audit readiness and execution, coordinating evidence collection and remediation for internal and external audits.

Policy Integration & Enablement

• Embed security and compliance requirements into engineering, infrastructure, and operational workflows.
• Partner cross-functionally with engineering, legal, and business teams to align on security and compliance goals.

Security Engineering & Continuous Improvement

• Partner with engineering to implement technical safeguards (e.g., access controls, logging, encryption) and automate compliance processes.
• Continuously monitor evolving threats and regulations, proactively strengthening the company’s security posture.

What You Bring

• Bachelor’s degree in Computer Science, Information Security, or related field, or equivalent experience.
• 4+ years of experience in information security, compliance, or related technical roles.
• Strong knowledge of security frameworks and regulations (e.g., ISO 27001, SOC 2, NIST, PCI-DSS, HIPAA, GDPR).
• Hands-on experience with cloud environments (AWS, Azure, or GCP) and related security services.
• Familiarity with auditing, logging, monitoring, SCA, DAST, SAST and vulnerability management tools.
• Excellent documentation, communication, and collaboration skills.
• Security certifications (e.g., CISSP, CISM, CISA, CCSK, or equivalent) preferred.
• Experience with automation tools for compliance (e.g., Terraform, Cloud Custodian, or compliance-as-code frameworks)
• Background in DevSecOps or secure software development practices preferred.
• Manual Dexterity: Repetitive motion of wrists, hands and fingers for using a computer.
• Stationary Tasks: Sitting for extended periods, remaining in a stationary position.

What We Offer

Our comprehensive compensation package is vital in how we recognize our people for the impact they make on us reaching our goals as a company.

For this role, the estimated base is $140,000 - $180,000 + Bonus. The actual salary may vary based on a range of factors, including market and individual qualifications objectively assessed during the interview process.

The range listed above is a guideline and may be modified. People Experience offers a comprehensive benefits package in addition to cash compensation that includes but is not limited to 401k and medical/dental coverage. Speak with your Recruiter for more details on our Total Rewards philosophy.