CrawlJobs Logo

Information Security Compliance Analyst

Vietnam, Hanoi · Job Posted February 23, 2026
Apply Position
Job Link Share

Job Description

The focus of this Information Security Compliance Analyst role position is to support the customer request management and commercial agreements process ensuring customer due diligence request are supported from information security and compliance perspective. The analyst will also be required to support ongoing information security/compliance initiatives relating to the global information security compliance program from an operational perspective. The analyst must be organized with an ability to self-manage with multiple high priority initiatives.

Job Responsibility

  • Help support operational and process driven components of our ISO27001/SOC2/PCI information security program
  • Help drive a program of continual service improvement to ensure ongoing maturity of the global information security program
  • Help support the commercial agreement process by reviewing and providing feedback from a Compliance perspective, escalating risks and concerns where necessary
  • Coordinate, contribute and complete Requests for Proposals (RFPs), Due Diligence Questionnaires (DDQs), Security Questionnaires as well as ad-hoc questionnaires/requests for prospects and existing customers
  • Help maintain and expand the information security and privacy customer response/knowledgebase platform to ensure all information is regularly reviewed, is up to date and relevant across the product portfolio and other related engagements
  • Develop a strong understanding of our Software Service business, and what the products offer
  • Ensure high quality customer facing content, contribute to complex projects individually as well as balancing priorities within the team
  • Identify, communicate and escalate risks associated with customer proposals as well as the information security/compliance program overall
  • Work closely with Compliance Team members, Subject Matter Experts and other stakeholders/internal customers across the business, where necessary
  • Develop knowledge of industry trends, competitive landscape to facilitate improved customer experience
  • Support ongoing compliance initiatives relating to the global information security compliance program
  • Ensuring that information provided to customer is accurate and fit for purpose based on existing practices

Requirements

  • Experience working in an Information Security role dealing specifically with governance, risk and compliance areas is preferred
  • Awareness of Information Security Compliance programs such as ISO27001, SOC2 & PCI
  • Ensure that information security control requirements are met from an operational perspective
  • The ability to identify risks, issues and vulnerabilities
  • The ability to work proactively, pragmatically and collaboratively in a fast-paced working environment, balancing multiple concurrent activities
  • Knowledge of responding to Customer related Information Security and Privacy due diligence requests
  • Experience working with contractual agreements within the Compliance area
  • Strong communication skills collaborating with internal teams, enjoy collaborating across departments
  • Calm presence under tight deadlines
  • Self-starter, consistent performer, professional, positive attitude
  • Excellent attention to detail
  • Service-oriented mindset
  • Excellent verbal & written communication skills

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Information Security Compliance Analyst

8 matching positions

Information Security Compliance Analyst

At Optimizely, we're on a mission to help people unlock their digital potential....
Location
Location
Bangladesh , Dhaka
Salary
Salary:
Not provided
optimizely.com Logo
Optimizely
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience working in an Information Security role dealing specifically with governance, risk and compliance areas is preferred
  • Awareness of Information Security Compliance programs such as ISO27001, SOC2 & PCI
  • Ensure that information security control requirements are met from an operational perspective
  • The ability to identify risks, issues and vulnerabilities
  • The ability to work proactively, pragmatically and collaboratively in a fast-paced working environment, balancing multiple concurrent activities
  • Knowledge of responding to Customer related Information Security and Privacy due diligence requests
  • Experience working with contractual agreements within the Compliance area
  • Strong communication skills collaborating with internal teams, enjoy collaborating across departments
  • Calm presence under tight deadlines
  • Self-starter, consistent performer, professional, positive attitude
Job Responsibility
Job Responsibility
  • Help support operational and process driven components of our ISO27001/SOC2/PCI information security program
  • Help drive a program of continual service improvement to ensure ongoing maturity of the global information security program
  • Help support the commercial agreement process by reviewing and providing feedback from a Compliance perspective, escalating risks and concerns where necessary
  • Coordinate, contribute and complete Requests for Proposals (RFPs), Due Diligence Questionnaires (DDQs), Security Questionnaires as well as ad-hoc questionnaires/requests for prospects and existing customers
  • Help maintain and exand the information security and privacy customer response/knowledgebase platform to ensure all information is regularly reviewed, is up to date and relevant across the product portfolio and other related engagements
  • Develop a strong understanding of our Software Service business, and what the products offer
  • Ensure high quality customer facing content, contribute to complex projects individually as well as balancing priorities within the team
  • Identify, communicate and escalate risks associated with customer proposals as well as the information security/compliance program overall
  • Work closely with Compliance Team members, Subject Matter Experts and other stakeholders/internal customers across the business, where necessary
  • Develop knowledge of industry trends, competitive landscape to facilitate improved customer experience
What we offer
What we offer
  • Best-in-class compensation plans
  • Two annual festival bonuses
  • Recognition and rewards programs
  • Vacations days
  • Annual Work/Service Anniversary Leave
  • Parental leave (both maternity and paternity)
  • Health insurance
  • Reproductive benefits for both parents
  • Volunteering opportunities to make a difference
  • Chance to work alongside our incredible global team
Read More
Arrow Right

Lead Analyst, Information Security Governance & Compliance

Beacon Hill Technologies is partnering with a client to identify a Lead Analyst,...
Location
Location
United States , Boca Raton
Salary
Salary:
Not provided
bhsg.com Logo
Beacon Hill
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Practical, working knowledge of audit and assurance concepts and terminology
  • Experience supporting both internal and external audits
  • Ability to evaluate the quality and sufficiency of audit evidence
  • Strong attention to documentation, traceability, and control effectiveness
  • Prior experience in information security governance, compliance, or risk management
  • Demonstrated ability to lead work while remaining directly involved in execution
  • Clear communication skills, particularly when explaining audit or compliance topics
  • Bachelor’s degree in Information Security, Risk Management, or a related discipline
  • 7+ years of experience in governance, risk, and compliance or information security roles
  • Familiarity with security and control frameworks such as NIST or ISO
Job Responsibility
Job Responsibility
  • Support and guide audit, compliance, and risk activities within the information security organization
  • Ensure audit readiness
  • Coordinate audit responses
  • Validate the quality and completeness of evidence
Read More
Arrow Right

Senior Information Security Cyber Security Data Analyst

Senior Information Security Cyber Security Data Analyst – Assistant Vice Preside...
Location
Location
India , Pune
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 8-12 years of relevant experience in Cyber Security, Information security, primarily into building data pipelines, Data collection and management, Data transformation etc.
  • Building Data Pipelines: Creating systems for collecting, storing, and transforming data from various sources. Impala, Hive
  • Data Collection and Management: Data engineers are responsible for gathering data from various sources, ensuring its quality, and making it accessible for analysis.
  • Data Transformation: They convert raw data into usable formats, often using ETL (Extract, Transform, Load) processes, to big data platform of Hadoop, Cloud technologies like DataBricks and Snowflake to make it suitable for analysis and reporting.
  • Applicable Certifications or willingness to earn within 12 months of joining
  • Consistently demonstrates clear and concise written and verbal communication
  • Proven influencing and relationship management skills
  • Proven analytical skills
  • Bachelor’s degree/University degree or equivalent experience
Job Responsibility
Job Responsibility
  • Identify potential information security (IS) risks and make recommendations for enhancement
  • Collect and analyze security risk evidence and coordinate with internal and external compliance and auditing agencies / officials
  • Execute meetings and communicate complex security topics and safe IS practices with all levels of the organization
  • Ensure that controls are utilized daily and that non-compliance remediation is addressed
  • Provide IS consulting services, including interpreting and/or clarifying information security policy, procedures, standards or concepts
  • Assist with defining and implementing IS standards to align procedures and practices in compliance with Citi standards
  • Educate and advise on safe information security practices and current, changing, and/or recommended information security requirements
  • Validate compliance with IS policies, practices, and procedures, and resolve a variety of IS related issues in coordination with the business
  • Assume informal/formal mentorship role within teams and assist with the coaching and training of new team members
  • Has the ability to operate with a limited level of direct supervision.
  • Fulltime
Read More
Arrow Right

Information Assurance Specialist I (Information Security Analyst)

Barbaricum is seeking an Information Assurance Specialist I (Information Securit...
Location
Location
United States , Indianapolis
Salary
Salary:
Not provided
barbaricum.com Logo
Barbaricum
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Active DoD Secret Clearance
  • Bachelor's degree in related field
  • Meet DoDM 8140.03 IAT III/IAM II requirements
  • Minimum 2yr experience in network operations and information security
  • Demonstrated experience assessing security controls based on cybersecurity principles and tenets (e.g., NIST SP 800-53, Cybersecurity Framework, etc.)
  • In-depth understanding of relevance of NIST Security Controls and Control Implementation methodologies to the SA&A process
  • Demonstrated experience with continuous monitoring/ongoing authorization
Job Responsibility
Job Responsibility
  • Support cybersecurity compliance, risk management, and information assurance activities for Department of Defense (DoD) systems and networks
  • Assist in assessing and validating security controls in accordance with NIST SP 800-53, the NIST Cybersecurity Framework, and applicable DoD requirements
  • Support the Security Assessment and Authorization (SA&A) process by reviewing control implementations, identifying risks, and documenting findings
  • Participate in continuous monitoring and ongoing authorization activities to help maintain system security posture and compliance
  • Assist with vulnerability assessments, security reviews, and remediation tracking efforts across enterprise environments
  • Collaborate with system administrators, engineers, and cybersecurity personnel to implement and maintain required security controls
  • Develop and maintain cybersecurity documentation, including assessment reports, compliance artifacts, and authorization support materials
  • Monitor security-related activities and provide recommendations for risk mitigation and control improvements
  • Support compliance with the Risk Management Framework (RMF), organizational policies, and applicable federal and DoD cybersecurity standards
  • Stay informed on cybersecurity threats, vulnerabilities, and best practices to support effective information assurance operations
  • Fulltime
Read More
Arrow Right

Information Assurance Specialist – III (Information Security Analyst)

Barbaricum is seeking an experienced Information Assurance Specialist III (Infor...
Location
Location
United States , Indianapolis
Salary
Salary:
Not provided
barbaricum.com Logo
Barbaricum
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Active DoD Secret Clearance
  • Bachelor's degree in related field
  • Must meet DoDM 8140.03 IAT III/IAM II requirements
  • Minimum 10yr experience in network operations and information security
  • Demonstrated experience assessing security controls based on cybersecurity principles and tenets.(e.g., NIST SP 800-53, Cybersecurity Framework, etc.)
  • In-depth understanding of relevance of NIST Security Controls and Control Implementation methodologies to the SA&SA process
  • Relevant DOD, DHS or .gov Cyber Security Information Assurance focused experience with specific current hands-on researching, writing, and submitting complete A&A documentation packages for new system authorizations
Job Responsibility
Job Responsibility
  • Assess, implement, and validate cybersecurity controls in accordance with NIST SP 800-53, the NIST Cybersecurity Framework, and applicable DoD cybersecurity requirements
  • Support the Security Assessment and Authorization (SA&A) process by evaluating security controls, identifying risks, and recommending mitigation strategies
  • Develop, review, and maintain Assessment and Authorization (A&A) documentation packages to support system accreditation and authorization efforts
  • Conduct security assessments, vulnerability analyses, and compliance reviews to ensure systems meet federal and DoD cybersecurity standards
  • Collaborate with system owners, engineers, and cybersecurity teams to implement security controls and maintain a strong security posture across enterprise environments
  • Support continuous monitoring activities, including risk assessments, control validation, remediation tracking, and reporting
  • Provide cybersecurity guidance and recommendations related to information assurance, risk management, and regulatory compliance
  • Prepare technical reports, security documentation, and executive briefings to support authorization decisions and stakeholder requirements
  • Ensure compliance with Risk Management Framework (RMF), DoD policies, and applicable government cybersecurity regulations
  • Serve as a subject matter expert on information assurance, cybersecurity controls, accreditation processes, and security compliance initiatives
  • Fulltime
Read More
Arrow Right
New

Information Security Analyst

Dotdigital is seeking an experienced and motivated Security Analyst to join our ...
Location
Location
United Kingdom; South Africa
Salary
Salary:
Not provided
dotdigital.com Logo
Dotdigital
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience in a Security Analyst, Information Security, Cyber Security, Systems Administration, Infrastructure, Cloud Operations, or DevOps role with demonstrable security responsibilities
  • Experience working within a security or compliance framework such as ISO 27001
  • Understanding of security operations and incident response processes
  • Experience with vulnerability management, remediation tracking, and security risk reduction
  • Knowledge of identity and access management principles
  • Understanding of cloud security concepts and security controls within major cloud providers
  • Hands-on experience of an array of core security technologies
  • Understanding of common application security risks and OWASP principles
  • Strong communication skills with the ability to engage technical and non-technical stakeholders
  • Ability to manage multiple priorities and work independently in a fast-paced environment
Job Responsibility
Job Responsibility
  • Monitor and investigate security alerts and events across security tooling, cloud environments, business systems, and applications
  • Support incident response activities including detection, analysis, containment, eradication, recovery, and lessons learned
  • Develop and improve security monitoring, alerting, playbooks, and operational procedures
  • Assist with threat hunting and proactive identification of security risks and suspicious activity
  • Maintain awareness of emerging cyber threats, vulnerabilities, and attack techniques relevant to SaaS businesses
  • Own day-to-day vulnerability management activities across infrastructure, cloud platforms, applications, and endpoints
  • Work with technology teams to prioritise and coordinate remediation activities
  • Track vulnerabilities through to resolution and provide reporting on remediation performance
  • Support penetration testing activities and coordinate remediation of findings
  • Support the security of cloud environments and SaaS platforms through implementation and monitoring of security controls
What we offer
What we offer
  • Commission & bonus opportunities
  • Annual leave that increases with service + option to buy more
  • Additional paid wellbeing days + annual wellbeing reward
  • Christmas office shutdown (extra time off)
  • Enhanced parental leave & family support policies
  • Employee recognition & reward schemes
  • Referral bonuses & long-service rewards
  • Fulltime
Read More
Arrow Right

Information Security Analyst

We are working with a growing technology company in Irvine that is looking to ad...
Location
Location
United States , Irvine
Salary
Salary:
80000.00 - 120000.00 USD / Year
strategicemployment.com Logo
Strategic Employment Partners
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 3–5 years of experience in cybersecurity, GRC, or IT security roles, with exposure to SOC2 or similar compliance frameworks
  • Experience with security operations tools (e.g., vulnerability scanning, endpoint protection, monitoring) and incident response processes
  • Ability to manage security policies, audits, vendor risk assessments, and internal controls in a dynamic environment
  • Comfortable working cross-functionally and communicating security concepts to both technical teams and external stakeholders
  • Strong ownership mindset with the ability to manage multiple priorities across compliance, operations, and ad hoc security needs
Job Responsibility
Job Responsibility
  • Take ownership of security initiatives across the organization, including GRC, security operations, and stakeholder support
  • Work independently while interfacing with internal teams, auditors, and occasionally clients
  • Manage security policies, audits, vendor risk assessments, and internal controls
  • Manage multiple priorities across compliance, operations, and ad hoc security needs
  • Fulltime
Read More
Arrow Right

Senior IT Security Compliance Analyst

The Compliance Analyst is a member of the Nintex Security Team and partners with...
Location
Location
Malaysia , Kuala Lumpur
Salary
Salary:
Not provided
nintex.com Logo
Nintex
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Information Security, Information Technology, Risk Management, Business, or a related field, or equivalent practical experience.
  • A proven track of at least 5 years working experience with common compliance and assurance frameworks such as SOC 2, ISO/IEC 27001, GDPR, HIPAA, FedRAMP, or similar international regulatory standards.
  • Relevant certifications are preferred but not required, including: CISA, CRISC, CISSP, CCSK, ISO 27001 Lead Implementer/Auditor, or related compliance or risk certifications.
  • Familiarity with common IT infrastructure, SaaS based cloud services, identity and access management concepts, and security tooling sufficient to assess control design and operational effectiveness (hands‑on administration is not required).
Job Responsibility
Job Responsibility
  • Coordinate the full compliance lifecycle, including gap analysis, remediation planning, audit execution, and continuous compliance monitoring.
  • Prepare the organization for new and evolving compliance frameworks by coordinating assessments, audits, self-assessments, and evidence collection and review activities.
  • Develop, maintain, and review compliance related documentation to support training, awareness, and sustained operational effectiveness.
  • Support the Revenue team by answering Security-related questions from customers and prospects.
  • Assist with curating content for ongoing Security training requirements, ensuring completion targets are met.
  • Collaborate with globally distributed stakeholders across Engineering, IT, Product, HR, Legal, and other business functions to support consistent implementation of compliance requirements.
  • Serve as a primary liaison for audit coordination, including facilitating interviews, walkthroughs, and evidence requests.
  • Provide guidance and training to internal teams on compliance initiatives and audit readiness.
  • Support adherence to Nintex governance, risk, and compliance standards by assisting with the creation, review and updates of information security policies and procedures.
  • Ensure compliance activities align with internal guidelines and approved risk management practices.
What we offer
What we offer
  • Global Gratitude and Recharge Days
  • Flexible, paid time off policy
  • Employee wellness programs and counseling resources
  • Meaningful peer recognition and awards
  • Paid parental leave
  • Invention/patenting assistance
  • Community impact, paid volunteer time, and opportunities
  • Intercultural learning and celebration
  • Multiple tools through which to learn and grow, and an incredible global community
  • Fulltime
Read More
Arrow Right