CrawlJobs Logo
Blume Global Logo Blume Global · IT - Administration

Senior Information Security Compliance Analyst

United States, Chicago 90000.00 - 130000.00 USD / Year · Job Posted December 27, 2025
Apply Position
Job Link Share

Job Description

We're looking for a technically grounded Senior IS Compliance Analyst who speaks both security operations and compliance language fluently. This role sits at the critical intersection of technical security and governance, requiring someone who can translate complex security architecture into compliance frameworks and vice versa. You'll be instrumental in assessing and integrating newly acquired companies into our security and compliance ecosystem, while also serving as a technical liaison for customer security assessments. This isn't a checkbox compliance role; we need someone who understands how security controls work under the hood.

Job Responsibility

  • Lead technical security assessments and integration of acquired companies, mapping their security architectures and controls to our GRC frameworks, identifying gaps, and building remediation roadmaps that address both technical security and compliance alignment
  • Bridge technical security and business stakeholders by evaluating risks through a technical lens, working alongside security engineering teams to translate GRC requirements into practical security measures, and communicating effectively across technical and non-technical audiences
  • Develop and harmonize security policies and control frameworks across acquired entities, ensuring they're both audit ready and operationally sound, while translating between technical security requirements and governance documentation
  • Own customer security questionnaire responses by leveraging your hands-on security background to provide detailed, accurate answers and collaborating with infrastructure, application security, and operations teams to gather technical evidence
  • Drive continuous improvement of our GRC program through technical security enhancements, meaningful security and compliance metrics, and process improvements that increase both control effectiveness and operational efficiency

Requirements

  • Hands-on experience in technical security roles such as Security Operations, Incident Response, Security Analysis, penetration testing, or similar
  • Practical knowledge of security tools, SIEM platforms, vulnerability management, and security monitoring
  • and ability to read and understand security logs, configurations, and technical documentation
  • 6+ years of total experience with significant time in GRC
  • Working knowledge of ISO 27001, NIST frameworks, SOC 1/2, and GDPR requirements
  • Experience developing and implementing information security policies and controls
  • ISO 27001:2022 Lead Implementer and Lead Auditor certification

Nice to have

CISSP, CISM, CISA, or CRISC certifications desirable

What we offer

  • health and welfare benefits
  • tuition assistance
  • 401K savings and other retirement programs
  • employee assistance programs
Blume Global - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

Senior Information Security Compliance Analyst

8 matching positions

Senior Information Security Cyber Security Data Analyst

Senior Information Security Cyber Security Data Analyst – Assistant Vice Preside...
Location
Location
India , Pune
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 8-12 years of relevant experience in Cyber Security, Information security, primarily into building data pipelines, Data collection and management, Data transformation etc.
  • Building Data Pipelines: Creating systems for collecting, storing, and transforming data from various sources. Impala, Hive
  • Data Collection and Management: Data engineers are responsible for gathering data from various sources, ensuring its quality, and making it accessible for analysis.
  • Data Transformation: They convert raw data into usable formats, often using ETL (Extract, Transform, Load) processes, to big data platform of Hadoop, Cloud technologies like DataBricks and Snowflake to make it suitable for analysis and reporting.
  • Applicable Certifications or willingness to earn within 12 months of joining
  • Consistently demonstrates clear and concise written and verbal communication
  • Proven influencing and relationship management skills
  • Proven analytical skills
  • Bachelor’s degree/University degree or equivalent experience
Job Responsibility
Job Responsibility
  • Identify potential information security (IS) risks and make recommendations for enhancement
  • Collect and analyze security risk evidence and coordinate with internal and external compliance and auditing agencies / officials
  • Execute meetings and communicate complex security topics and safe IS practices with all levels of the organization
  • Ensure that controls are utilized daily and that non-compliance remediation is addressed
  • Provide IS consulting services, including interpreting and/or clarifying information security policy, procedures, standards or concepts
  • Assist with defining and implementing IS standards to align procedures and practices in compliance with Citi standards
  • Educate and advise on safe information security practices and current, changing, and/or recommended information security requirements
  • Validate compliance with IS policies, practices, and procedures, and resolve a variety of IS related issues in coordination with the business
  • Assume informal/formal mentorship role within teams and assist with the coaching and training of new team members
  • Has the ability to operate with a limited level of direct supervision.
  • Fulltime
Read More
Arrow Right

Senior Information Security Analyst

We are seeking a highly skilled and technically strong (Senior) Information Secu...
Location
Location
Germany , Munich; Berlin
Salary
Salary:
Not provided
hawk.ai Logo
Hawk
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of hands-on experience in Information Security, IT Security, or System Administration within a B2B tech or SaaS environment
  • Strong technical competence across multiple operating systems (macOS, Windows, Linux) including admin-level experience
  • Experience with identity and access management tools (e.g., JumpCloud, Okta), MDM solutions, and enterprise security platforms
  • Solid understanding of IT security fundamentals, including authentication, endpoint security, encryption, and network basics
  • Familiarity with ISO 27001 or ISMS operations
  • experience supporting audits or certification maintenance
  • Basic security certifications (e.g., CompTIA Security+, CEH) are highly desirable
  • Fluent German and English — mandatory due to regular customer-facing security discussions
  • Ability to articulate complex technical issues clearly to diverse audiences (engineers, customers, auditors, leadership)
  • Strong documentation skills with attention to accuracy and clarity
Job Responsibility
Job Responsibility
  • Respond to security questionnaires, RFPs, and due-diligence requests in collaboration with Sales and Pre-Sales
  • Participate in customer calls to explain Hawk’s security posture and answer technical, compliance, and infrastructure-related questions
  • Represent Hawk’s security capabilities clearly and confidently to regulated financial institutions
  • Support the ongoing operation and improvement of Hawk’s ISMS, ensuring alignment with ISO 27001 controls and underlying processes
  • Assist in internal audits, evidence gathering, and risk assessments
  • Help maintain certification readiness by driving documentation, process adherence, and corrective actions
  • Provide operational support for core IT & security tools, including JumpCloud (SSO/IdP), MDM, endpoint policies, and access management workflows
  • Support the roadmap toward centralized, secure workstation management — monitoring, controlling, and updating all endpoints across macOS, Windows, and Linux
  • Assist in evaluating and managing security-related 3rd party SaaS tools used across the business
  • Monitor the security posture of Hawk’s corporate tools, infrastructure, and integrations
  • Fulltime
Read More
Arrow Right

Information Security Senior Analyst

The Information Security Senior Analyst is an intermediate level position respon...
Location
Location
Hungary , Budapest
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5-8 years of relevant experience
  • Applicable Certifications (CISSP, CISA, CISM, CRISC or equivalent) or willingness to earn within 12 months of joining
  • Consistently demonstrates clear and concise written and verbal communication
  • Proven influencing and relationship management skills
  • Proven analytical skills
  • Fluent English
  • Bachelor’s degree/University degree or equivalent experience
Job Responsibility
Job Responsibility
  • Identify potential information security (IS) risks and make recommendations for enhancement
  • Collect and analyze security risk evidence and coordinate with internal and external compliance and auditing agencies / officials
  • Execute meetings and communicate complex security topics and safe IS practices with all levels of the organization
  • Ensure that controls are utilized daily and that non-compliance remediation is addressed
  • Provide IS consulting services, including interpreting and/or clarifying information security policy, procedures, standards or concepts
  • Assist with defining and implementing IS standards to align procedures and practices in compliance with Citi standards
  • Educate and advise on safe information security practices and current, changing, and/or recommended information security requirements
  • Validate compliance with IS policies, practices, and procedures, and resolve a variety of IS related issues in coordination with the business
  • Assume informal/formal mentorship role within teams and assist with the coaching and training of new team members
  • Has the ability to operate with a limited level of direct supervision
What we offer
What we offer
  • Cafeteria Program
  • Home Office Allowance (for colleagues working in hybrid work models)
  • Paid Parental Leave Program (maternity and paternity leave)
  • Private Medical Care Program and onsite medical rooms at our offices
  • Pension Plan Contribution to voluntary pension fund
  • Group Life Insurance
  • Employee Assistance Program
  • Access to a wide variety of learning and development programs, online course libraries and upskilling platforms, such as Udemy and Degreed
  • Flexible work arrangements to support you in managing work - life balance
  • Career progression opportunities across geographies and business lines
  • Fulltime
Read More
Arrow Right

Information Security Senior Analyst

The Info Sec Prof Senior Analyst is an intermediate-level position responsible f...
Location
Location
Singapore , Singapore
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5-8 years of relevant experience
  • applicable certifications or willingness to earn within 12 months of joining
  • consistently demonstrates clear and concise written and verbal communication
  • proven influencing and relationship management skills
  • proven analytical skills
  • ICND 1 Certification or equivalent knowledge in Networking
  • excellent Microsoft Excel skills
  • basic network infrastructure knowledge
  • ability to work with Big Data
  • exhibiting a high degree of flexibility and ability to multi-task, seeking guidance where necessary
Job Responsibility
Job Responsibility
  • Identify potential information security (IS) risks and make recommendations for enhancement
  • collect and analyze security risk evidence and coordinate with internal and external compliance and auditing agencies / officials
  • execute meetings and communicate complex security topics and safe IS practices with all levels of the organization
  • ensure that controls are utilized daily and that non-compliance remediation is addressed
  • provide IS consulting services, including interpreting and/or clarifying information security policy, procedures, standards or concepts
  • assist with defining and implementing IS standards to align procedures and practices in compliance with Citi standards
  • educate and advise on safe information security practices and current, changing, and/or recommended information security requirements
  • validate compliance with IS policies, practices, and procedures, and resolve a variety of IS related issues in coordination with the business
  • support the Annual Connectivity Verification process
  • validate legacy connectivity for ownership, registration, and usage
  • Fulltime
Read More
Arrow Right

Lead Analyst, Information Security Governance & Compliance

Beacon Hill Technologies is partnering with a client to identify a Lead Analyst,...
Location
Location
United States , Boca Raton
Salary
Salary:
Not provided
bhsg.com Logo
Beacon Hill
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Practical, working knowledge of audit and assurance concepts and terminology
  • Experience supporting both internal and external audits
  • Ability to evaluate the quality and sufficiency of audit evidence
  • Strong attention to documentation, traceability, and control effectiveness
  • Prior experience in information security governance, compliance, or risk management
  • Demonstrated ability to lead work while remaining directly involved in execution
  • Clear communication skills, particularly when explaining audit or compliance topics
  • Bachelor’s degree in Information Security, Risk Management, or a related discipline
  • 7+ years of experience in governance, risk, and compliance or information security roles
  • Familiarity with security and control frameworks such as NIST or ISO
Job Responsibility
Job Responsibility
  • Support and guide audit, compliance, and risk activities within the information security organization
  • Ensure audit readiness
  • Coordinate audit responses
  • Validate the quality and completeness of evidence
Read More
Arrow Right

Senior Cybersecurity Analyst (Information System Security Manager - ISSM)

OTS is seeking a Senior Cybersecurity Analyst (Information System Security Manag...
Location
Location
United States , San Antonio
Salary
Salary:
Not provided
optechs-inc.com Logo
Optimized Technical Solutions
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Cybersecurity, Information Technology (IT), or a related field OR equivalent experience
  • Information Assurance Manager (IAM) Level III Certification (CISSP, CISM, GSLC, or equivalent)
  • 15+ years of experience in DoD cybersecurity operations
  • Proficiency with SonarQube, Dependency-Track, ACAS, and STIG compliance
  • Experience with eMASS, RMF, and cybersecurity compliance in DoD or federal agencies
Job Responsibility
Job Responsibility
  • Security Documentation
  • Code Scans
  • Open-Source Library Scans
  • Cybersecurity and Authorization to Operate (ATO)
  • Assured Compliance Assessment Solution (ACAS) Scans
  • C5ISR Interrogator Reporter
  • Enterprise Mission Assurance Support Service (eMASS) and Plan of Action and Milestones (POA&M)
  • STIG Checks
  • JIRA Workflow Support
  • Continuous Monitoring
What we offer
What we offer
  • Medical
  • Dental
  • Vision
  • Life Insurance
  • PTO including 11 Federal Holidays
  • 401K
  • Fulltime
Read More
Arrow Right

Senior Information Security Business Intelligence Data Analyst

The Senior Information Security Business Intelligence Analyst is an intermediate...
Location
Location
India , Chennai
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Business Intelligence experience of minimum 10 years. This includes Cognos, Tableau, Power BI etc.
  • Building Data Pipelines: Creating systems for collecting, storing, and transforming data from various sources.
  • Data Collection and Management: Data engineers are responsible for gathering data from various sources, ensuring its quality, and making it accessible for analysis.
  • Data Transformation: They convert raw data into usable formats, often using ETL (Extract, Transform, Load) processes, to big data platform of Hadoop, Cloud technologies like DataBricks and Snowflake to make it suitable for analysis and reporting.
  • Consistently demonstrates clear and concise written and verbal communication
  • Proven influencing and relationship management skills
  • Proven analytical skills
  • Bachelor’s degree/University degree or equivalent experience
Job Responsibility
Job Responsibility
  • Assist Security Incident Response Teams with incident investigations and aid in technical risk assessments
  • Coordinate with system development and infrastructure units to identify Information Security (IS) risks and the appropriate controls for development, day-to-day operation, and emerging technologies
  • Perform regular assessments based on changes in the threat landscape
  • Monitor vulnerability assessments and ethical hacks, ensuring that issues are addressed for the applications that they support
  • Provide information security support with related activities during systems development (e.g. authentication, encryption)
  • Identify and develop new and improved technical procedures and process control manuals
  • Identify significant IS threats and vulnerabilities
  • Assume informal/formal mentorship role within teams and assist with the coaching and training of new team members
  • Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency.
  • Fulltime
Read More
Arrow Right

InfoSec Compliance Senior Analyst / Analyst

Assist in achieving adequate information security control levels across the bank...
Location
Location
Salary
Salary:
Not provided
ethicshr.com Logo
Ethics HR
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's Degree in Computer Science or Electronics & Communication Engineering or a related field from a reputable university
  • Minimum 4 years of technical & functional experience in Information Security field for the Senior Analyst
  • Minimum 2 years of technical & functional experience in Information Security field for the Analyst
  • Analytical, self-motivated, cooperative & proactive
  • Excellent interpersonal, leadership and directing skills
  • Excellent communication & computer skills
  • Strong understanding of banking operations
  • Analytical mind-set with ability to grasp new concepts and diverse aspects of bank and risk operations
  • Fluency in Arabic and English written/spoken
Job Responsibility
Job Responsibility
  • Assist in achieving adequate information security control levels across the bank's information assets
  • Ensure clear understanding to information security controls necessary to remediate identified risks and follow up remediation with the concerned business lines
  • Assist in implementing PCI-DSS controls allowing for annual re-certification by coordinating with IT and the concerned Business lines
  • Follow up on all PCI-DSS activities to be delivered on time & reviewed by InfoSec Compliance Team Leader and validated by InfoSec Compliance Manager/Associate before delivering to the QSA
  • Ensure clear understanding for information security controls necessary to fulfil compliance and regulatory requirements (Swift, CBE, PCI-DSS, etc.) to ensure an acceptable level of security maturity across the bank
  • Follow up on all information security policies and security controls related to different standards are properly implemented before reviewing by InfoSec Compliance Team Leader & validating by InfoSec Compliance Manager/Associate
  • Follow up on the effectiveness of applied security controls and share knowledge with Information Security Governance Team of future suggested enhancements and optimization
  • Coordinate with Information Security Team in raising non-compliance and risk of lack of security controls
  • Follow up on breaches SLA’s and non-compliances & notify InfoSec Compliance Team Leader to be reported to InfoSec Compliance Manager/Associate & Cyber Security Team to consider in the watch list
  • Attends project design work shops and ensure that the security architecture standards are followed and considered
Read More
Arrow Right