CrawlJobs Logo

Senior Information Security Compliance Analyst

Blume Global

Location Icon

Location:
United States , Chicago

Category Icon
Category:
IT - Administration

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

90000.00 - 130000.00 USD / Year
Save Job
Save Icon
Apply Position

Job Description:

We're looking for a technically grounded Senior IS Compliance Analyst who speaks both security operations and compliance language fluently. This role sits at the critical intersection of technical security and governance, requiring someone who can translate complex security architecture into compliance frameworks and vice versa. You'll be instrumental in assessing and integrating newly acquired companies into our security and compliance ecosystem, while also serving as a technical liaison for customer security assessments. This isn't a checkbox compliance role; we need someone who understands how security controls work under the hood.

Job Responsibility:

  • Lead technical security assessments and integration of acquired companies, mapping their security architectures and controls to our GRC frameworks, identifying gaps, and building remediation roadmaps that address both technical security and compliance alignment
  • Bridge technical security and business stakeholders by evaluating risks through a technical lens, working alongside security engineering teams to translate GRC requirements into practical security measures, and communicating effectively across technical and non-technical audiences
  • Develop and harmonize security policies and control frameworks across acquired entities, ensuring they're both audit ready and operationally sound, while translating between technical security requirements and governance documentation
  • Own customer security questionnaire responses by leveraging your hands-on security background to provide detailed, accurate answers and collaborating with infrastructure, application security, and operations teams to gather technical evidence
  • Drive continuous improvement of our GRC program through technical security enhancements, meaningful security and compliance metrics, and process improvements that increase both control effectiveness and operational efficiency

Requirements:

  • Hands-on experience in technical security roles such as Security Operations, Incident Response, Security Analysis, penetration testing, or similar
  • Practical knowledge of security tools, SIEM platforms, vulnerability management, and security monitoring
  • and ability to read and understand security logs, configurations, and technical documentation
  • 6+ years of total experience with significant time in GRC
  • Working knowledge of ISO 27001, NIST frameworks, SOC 1/2, and GDPR requirements
  • Experience developing and implementing information security policies and controls
  • ISO 27001:2022 Lead Implementer and Lead Auditor certification

Nice to have:

CISSP, CISM, CISA, or CRISC certifications desirable

What we offer:
  • health and welfare benefits
  • tuition assistance
  • 401K savings and other retirement programs
  • employee assistance programs

Additional Information:

Job Posted:
December 27, 2025

Icon
Blume Global - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Senior Information Security Compliance Analyst

Senior Information System Security Officer

We are seeking a highly skilled and mission-driven Senior Information Systems Se...
Location
Location
United States , Clarksburg
Salary
Salary:
Not provided
imts.us Logo
Innovative Management & Technology Services
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, or a related field (or equivalent combination of education and experience)
  • 8+ years of progressive experience in information systems security, with at least 3 years in a senior-level or lead ISSO role supporting federal or state government agencies
  • Strong working knowledge of: NIST 800-53, RMF, FISMA, OWASP Top 10, and SANS Institute standards
  • SAFe Agile environments and integrating security in Agile workflows
  • Networking, Linux/Windows system administration, and secure software development practices
  • Cloud platforms (AWS, Azure, GCP) and related security tools (e.g., AWS Security Hub, Azure Defender)
  • Experience in managing security documentation, participating in audits, and working with compliance frameworks
  • Relevant certifications such as CISSP, CISM, Security+, CEH, or equivalent
  • Active Top Secret clearance is required
  • U.S. Citizenship is required
Job Responsibility
Job Responsibility
  • Lead the implementation and maintenance of system security controls in compliance with federal cybersecurity frameworks, including NIST SP 800-53, RMF, OWASP, DISA STIGs, and Common Criteria
  • Oversee the full lifecycle of Authorization to Operate (ATO) processes, including preparation of System Security Plans (SSPs), Security Assessment Reports (SARs), POA&Ms, and risk assessments
  • Serve as a senior security advisor and liaison to system owners, developers, DevOps engineers, and government stakeholders
  • Participate in technical reviews of system architecture and ensure secure design of virtualized and software-defined infrastructures
  • Support integration of security controls into CI/CD pipelines using DevSecOps principles and tools (e.g., Jenkins, GitLab CI, SonarQube, Snyk)
  • Provide security engineering support for modern cloud environments, including AWS, Azure, or Google Cloud Platform, and assess cloud-native security capabilities
  • Conduct vulnerability assessments, interpret scan results from tools like Tenable, Nessus, Splunk, or Qualys, and lead remediation efforts
  • Mentor junior ISSOs and analysts on security policies, best practices, and tool usage
  • Ensure continuous monitoring activities are aligned with organizational risk tolerance and compliance goals
What we offer
What we offer
  • competitive compensation
  • excellent benefits including tuition reimbursement and employer-contributed 401K
  • referral bonuses
  • Fulltime
Read More
Arrow Right

Information Security Senior Analyst

The Info Sec Prof Senior Analyst is an intermediate-level position responsible f...
Location
Location
Singapore , Singapore
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5-8 years of relevant experience
  • applicable certifications or willingness to earn within 12 months of joining
  • consistently demonstrates clear and concise written and verbal communication
  • proven influencing and relationship management skills
  • proven analytical skills
  • ICND 1 Certification or equivalent knowledge in Networking
  • excellent Microsoft Excel skills
  • basic network infrastructure knowledge
  • ability to work with Big Data
  • exhibiting a high degree of flexibility and ability to multi-task, seeking guidance where necessary
Job Responsibility
Job Responsibility
  • Identify potential information security (IS) risks and make recommendations for enhancement
  • collect and analyze security risk evidence and coordinate with internal and external compliance and auditing agencies / officials
  • execute meetings and communicate complex security topics and safe IS practices with all levels of the organization
  • ensure that controls are utilized daily and that non-compliance remediation is addressed
  • provide IS consulting services, including interpreting and/or clarifying information security policy, procedures, standards or concepts
  • assist with defining and implementing IS standards to align procedures and practices in compliance with Citi standards
  • educate and advise on safe information security practices and current, changing, and/or recommended information security requirements
  • validate compliance with IS policies, practices, and procedures, and resolve a variety of IS related issues in coordination with the business
  • support the Annual Connectivity Verification process
  • validate legacy connectivity for ownership, registration, and usage
  • Fulltime
Read More
Arrow Right

Information Security Administration Service Delivery Senior Analyst

The Identity and Access Management (IAM) Information Security Administration (IS...
Location
Location
Hungary , Budapest
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years’ experience in an Information Security Administration environment (ISA provisioning, compliance reviews, incident/change management handling security engineering or related IS field) is desirable
  • Bachelor's degree or higher desired or the candidate should have proven equivalent work experience
  • Technical experience in security administration supporting a large user environment
  • Solid understanding of industry standard security practices desirable
  • knowledge of programming languages preferred
  • Spanish language (both verbal and written) is required
  • Good command of English language (both verbal and written)
  • Advanced proficiency with Microsoft Office tools and software
  • SSCP/CISSP/ITIL/PMP/Citi Lean certificate is an advantage
  • Be able to work independently and without any influence from manager
Job Responsibility
Job Responsibility
  • Provide customer service support and collaborate with other groups within the business and throughout Citi
  • Initiate process changes and improvements based on Lean methodology
  • Aid in guiding complex projects, utilizing pertinent tools and methodologies
  • Coach others, identifying development needs and resources to reach stretch capabilities
  • Able to handle simple thru complex, multi-tiered escalations, problems by utilizing key information security administration practices, policies and providing excellent customer service
  • Lead to resolve severity escalations and responsible for the team to identify root cause and create corrective action plan(s) as necessary
  • Create, track and complete Specific, Measurable, Achievable, Relevant, and Time-Bound (SMART) goals for projects and initiatives
  • Utilize complex Microsoft Office tools to create links between workflows with different formats
  • Advocate for change initiatives, and overcome resistance through an in-depth understanding of complex change theory
  • Communicate the need for change, involve stakeholders in the change process and apply change theory to complete successful adoption
What we offer
What we offer
  • Cafeteria Program
  • Home Office Allowance (for colleagues working in hybrid work models)
  • Paid Parental Leave Program (maternity and paternity leave)
  • Private Medical Care Program and onsite medical rooms at our offices
  • Pension Plan Contribution to voluntary pension fund
  • Group Life Insurance
  • Employee Assistance Program
  • Access to a wide variety of learning and development programs, online course libraries and upskilling platforms, such as Udemy and Degreed
  • Flexible work arrangements to support you in managing work - life balance
  • Career progression opportunities across geographies and business lines
  • Fulltime
Read More
Arrow Right

Digital Web & Mobile Security Senior Analyst

The Digital Web & Mobile Security Senior Analyst is an intermediate level positi...
Location
Location
India , Chennai; Pune
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience as application security consultant / security expert
  • SME level knowledge of web application vulnerabilities and web application business logic flaws and threats
  • In depth and hands-on understanding and application architectures and technology (including web applications, mobile technology, web 2.0 technology, identity and access management)
  • Demonstrable experience with mobile application security, HTML5, Web Services/API assessment, identity management will be highly regarded
  • Thorough understanding of industry and corporate technology standards for Information Security
  • Expert in latest Internet and Mobile technology with strong architectural and design knowledge
  • Detailed familiarity with security hacking tools and techniques
  • Excellent written and oral English communication skills
Job Responsibility
Job Responsibility
  • Prevent and drive to clear the outstanding safety and soundness items by assessing and predicting the potential risk items before it becomes an issue / escalation
  • Assess priorities across multiple safety and soundness items and drive those critical ones similar like driving high priority production items and never settle until it is closed
  • Drive our outstanding safety and soundness items across all teams to closure and turn it around to become prevention instead of reacting to issues
  • Operate independently including the ability to provide executive summary for safety and soundness issues for executive consumption without a need for a continuous review
  • Review existing security architectures, identify design gaps, and recommend security enhancements
  • Act as an advocate for the application security architecture. Communicates and educates on the IS Architecture and roadmap
  • Develop security design pattern by identifying broader and emerging IS issues
  • Provides architecture consulting across the bank to project teams and other architects
  • Prioritize architecture deliverables, and establish short-term, mid-term and long-range architecture plans. Facilitates the migration to the reference architecture in a way that enables and supports the strategic plan
  • Maintains understanding of business issues, operating procedures and priorities
  • Fulltime
Read More
Arrow Right

Senior Third-Party Security Risk Analyst

As a Senior Third-Party Security Risk Specialist at Ledger, you will play a vita...
Location
Location
France , Paris
Salary
Salary:
Not provided
https://www.ledger.com Logo
Ledger
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Master degree in Information Security, Cybersecurity, or a related field
  • 5+ years of progressive experience in third-party risk management, with a strong background in audit, risk management, compliance, or a related control function within a complex organization
  • Proven project management skills with the ability to manage complex, cross-functional projects and maintain comprehensive documentation
  • In-depth knowledge of security frameworks and standards (e.g., ISO 27001, NIST Cybersecurity Framework) and experience in applying them to third-party risk management and regulatory requirements
  • Excellent analytical and problem-solving skills with a focus on identifying root causes and developing effective solutions
  • Strong communication and interpersonal skills, including the ability to influence and negotiate with vendors and stakeholders at all levels
Job Responsibility
Job Responsibility
  • Conduct comprehensive security assessments of third-party vendors, including reviewing their security policies, procedures, and controls
  • Proactively identify and evaluate potential security/privacy risks associated with a particular focus on those that could impact Ledger's reputation, financial stability, and customer trust
  • Develop and implement risk mitigation strategies to address identified vulnerabilities
  • Lead the collaboration with vendors to remediate security gaps and ensure compliance with Ledger's stringent security requirements
  • Establish and maintain a robust vendor security monitoring program, driving continuous improvement in vendor security posture and compliance
  • Develop, implement, and continuously improve Ledger's third-party security risk management program, including policies, standards, procedures, and tools
  • Prepare reports and presentations on vendor security risks and mitigation efforts to senior management, stakeholders, and the Comex
  • Participate in audits as part of the Privacy audit program according to the agreed annual audit plan
What we offer
What we offer
  • Equity: Employees are the foundation of our success, and we award stock options so you can share in that success as we grow
  • Flexibility: A hybrid work policy
  • Social: Annual company outing for Ledgerdary Days, plus frequent social events, snacks and drinks
  • Medical: Comprehensive health insurance policy offering extensive medical, dental and vision care coverage
  • Well-being: Personal development, coaching & fitness with our dedicated partners
  • Vacation: Five weeks of paid leave per year, in addition to national holidays and rest & relaxation (RTT) days
  • High tech: Access to high performance office equipment and gadgets
  • Transport: Ledger reimburses part of your preferred means of transportation
  • Discounts: Employee discount on all our products
  • Fulltime
Read More
Arrow Right

Information Security Professional Lead Analyst

The Info Sec Prof Lead Analyst is an intermediate level position responsible for...
Location
Location
Philippines , City of Taguig
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • At least 7+ years of strong data analysis and report development experience
  • 7+ years of experience in information security or related technology experience required
  • At least 7+ years’ experience with Business Intelligence Reporting tools like Cognos, Tableau
  • At least 7+ years’ experience with Databases like Oracle, SQL Server, Microsoft Access
  • Strong Business Intelligence Developer Skills
  • Strong understanding of application development life cycle, CI/CD and DevOps concepts
  • Excellent Excel data analysis and Access database skills
  • Excellent SQL Skills
  • Experience with issue resolution - ability to research, identify and communicate solutions
  • Consistently demonstrates clear and concise written and verbal communication
Job Responsibility
Job Responsibility
  • Design and implement a solution for performance measurements on effectiveness of controls and overall vulnerability assessment program
  • Analyze trends on assets security health posture and report using visualization tools for program review with management and stakeholders
  • Analyze and report aggregated data from multiple data sources
  • Develop data visualization mock-ups for monitoring program data trends and communicate using analytical tools
  • Develop reports for tracking program effectiveness and update power point deck for weekly, monthly and quarterly updates
  • Develop, optimize and provide continuous support for reports and ad-hoc queries from end user
  • Create dashboards with parameters and interactive drill down functionality
  • Analyze trends on assets security health posture and report using visualization tools for program review with management and stakeholders
  • Excellent Analytical Ability - Understand the systems and data flow at a high level to evaluate if appropriate controls are in place for the standards
  • Provide timely, accurate, and actionable reporting on application vulnerability activity, trends, service levels, and areas of concern to senior management
  • Fulltime
Read More
Arrow Right

Information Security Identity & Access Management Analyst

The Info Sec Prof Senior Analyst is an intermediate level position responsible f...
Location
Location
India , Chennai
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5-8 years of relevant Identity and Access Management experience
  • Applicable Certifications or willingness to earn within 12 months of joining
  • Consistently demonstrates clear and concise written and verbal communication
  • Proven influencing and relationship management skills
  • Proven analytical skills
  • Bachelor’s degree/University degree or equivalent experience
Job Responsibility
Job Responsibility
  • Identify potential Identity and Access Management (IAM) risks and make recommendations for enhancement
  • Lead execution of IAM governance procedures, specifically focusing on non-worker identities and IAM resources
  • Collect and analyze security risk evidence and coordinate with internal and external compliance and auditing agencies / officials
  • Develop and operationalize key risk indicators for related IAM topics and governance procedures
  • Produce insights from data that are tailored to specific requirements and audiences
  • Execute meetings and communicate complex security topics and IAM standards and best practices with all levels of the organization
  • Ensure that controls are utilized daily and that non-compliance remediation is addressed
  • Drive technological projects with cross-functional teams that support the expansion of IAM governance
  • Provide IAM consulting services, including interpreting and/or clarifying information security policy, procedures, standards or concepts
  • Assist with defining, implementing, and governing IS standards to align procedures and practices in compliance with Citi standards
What we offer
What we offer
  • Best-in-class benefits
  • Global benefits
  • Equal opportunity employer
  • Fulltime
Read More
Arrow Right

Senior Governance, Risk and Compliance Analyst - Governance

Come join the company that is reinventing cloud security and empowering business...
Location
Location
Netherlands
Salary
Salary:
Not provided
wiz.io Logo
Wiz
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in one or more of the Governance, Risk, and Compliance domains
  • Passion for security and keeping Wiz safe
  • Ability to collaborate with technical and non-technical teams alike to further oversight responsibilities of Security
  • Deep knowledge of one or more industry frameworks such as ISO 27001, ISO 27017, SOC 2, PCI DSS, NIST CSF, etc. and baseline knowledge of others
  • Ability to assist with security compliance assessments to ensure compliance with internal and external requirements (ISO, NIST, CIS, etc.)
  • Experience working in a fast-paced tech environment both independently, and collaboratively within a team environment
  • Ability to build strong relationships across teams and functions in a global workplace
  • Applicants must have the legal right to work in the country where the position is based, without the need for visa sponsorship
Job Responsibility
Job Responsibility
  • Design and update policies, procedures, and controls to drive confidentiality, integrity, and availability across the Wiz environment
  • Continuously improve processes, tools, and procedures for audit and compliance management
  • Collaborate and work cross-functionally across the company to address governance and compliance needs and to support the Wiz Control Framework, partnering with Engineering, Product, Sales, Legal, HR, and other teams
  • Proactively improvement control design and performance to address a changing risk landscape
  • Deliver timely audits through working with internal and external auditors
  • Help customer-facing teams respond to information security requirements and questionnaires
  • Assist with third party risk management reviews, assessing vendor’s security, compliance, and privacy posture
  • Participate in team project management, including documentation, project planning, task management, and prioritization
  • Participate in recurring annual core audits (e.g., SOC 2, ISO, PCI)
  • Maintain awareness of security and regulatory trends, perform research and analysis on new certifications, and help Wiz pursue new international compliance initiatives
Read More
Arrow Right
Welcome to CrawlJobs.com
Your Global Job Discovery Platform
At CrawlJobs.com, we simplify finding your next career opportunity by bringing job listings directly to you from all corners of the web. Using cutting-edge AI and web-crawling technologies, we gather and curate job offers from various sources across the globe, ensuring you have access to the most up-to-date job listings in one place.
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Poland Jobs Ireland Jobs Germany Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
© 2025 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy