Compliance Analyst Jobs

Cresta

Location:
United States

Category:
IT - Administration

Contract Type:
Not provided

Salary:

140000.00 - 175000.00 USD / Year

Save Job

Apply Position

Job Description:

Cresta is seeking a passionate individual with solid security engineering experience to support the security & compliance team and enable growing global data protection and cybersecurity efforts.

Job Responsibility:

Lead and manage all customer-facing security conversations, partnering cross-functionally to ensure timely resolution of issues and seamless execution of the security review lifecycle within sales deals
Perform risk assessments to identify gaps, come up with recommendations, and drive the gaps to remediation
Streamline and lead SOC 2 Type II, ISO 27001/27701/42001, PCI-DSS, TISAX and HIPAA audit processes
Perform internal audits and keep the necessary documentation updated as required for audits
Perform gap assessments against new regions and target industry markets to comply with compliance regulations as the company expands
Conduct new-hire and annual security awareness training to educate personnel and re-iterate security and compliance requirements
Oversee and continuously improve the vendor risk management framework, ensuring effective identification, assessment, and mitigation of third-party risks
Establish metrics to track compliance program effectiveness and to report risk
Interface with both technical (Engineering/Product) and non-technical (Sales/Marketing/Customer Success) teams
Respond to customer RFIs, questions, audits and technical documentation requests
Help build our common control framework and drive adoption of the framework within the organization
Build and automate processes to achieve continuous compliance over the technology control environment
Assist with sales and marketing materials representing product security and compliance

Requirements:

4+ years of experience in security governance, IT audit, or security compliance management
3+ years of program management, with experience in affecting technology decisions
End-to-end experience going through SOC 2 Type II, HITRUST, HIPAA, TISAX, ISO 27001/27701/42001, FedRAMP, and PCI-DSS external audits
Experience in a hands-on technical role, with basic understanding of software implementation and integration
Experience with cloud environments on AWS, GCP, Azure
A track record of building relationships and credibility with business leads, external partners, and regulators through collaborative and independent programs
Experience managing competing efforts and requirements
Experience with fast-growing cloud native SaaS start-ups

What we offer:

Comprehensive medical, dental, and vision coverage with plans to fit you and your family
Flexible PTO to take the time you need, when you need it
Paid parental leave for all new parents welcoming a new child
Retirement savings plan to help you plan for the future
Remote work setup budget to help you create a productive home office
Monthly wellness and communication stipend to keep you connected and balanced
In-office meal program and commuter benefits provided for onsite employees
Offers Equity

Additional Information:

Job Posted:
December 07, 2025

Employment Type:

Fulltime

Work Type:

Remote work

View All Jobs In This Company

Job Link Share:

Compliance Analyst