CrawlJobs Logo

Senior IT Security Compliance Analyst

Malaysia, Kuala Lumpur · Job Posted June 30, 2026
Apply Position
Job Link Share

Job Description

The Compliance Analyst is a member of the Nintex Security Team and partners with globally distributed departments to execute and sustain the company’s compliance program. This role is operational and tactical in nature, with responsibility for working with teams to implement compliance requirements, enabling audit readiness, coordinating ongoing compliance activities, and supporting external and internal audits. The Compliance Analyst applies strong project management and analytical skills to manage multiple concurrent initiatives and brings working expertise across multiple compliance frameworks to ensure consistent and effective compliance outcomes.

Job Responsibility

  • Coordinate the full compliance lifecycle, including gap analysis, remediation planning, audit execution, and continuous compliance monitoring.
  • Prepare the organization for new and evolving compliance frameworks by coordinating assessments, audits, self-assessments, and evidence collection and review activities.
  • Develop, maintain, and review compliance related documentation to support training, awareness, and sustained operational effectiveness.
  • Support the Revenue team by answering Security-related questions from customers and prospects.
  • Assist with curating content for ongoing Security training requirements, ensuring completion targets are met.
  • Collaborate with globally distributed stakeholders across Engineering, IT, Product, HR, Legal, and other business functions to support consistent implementation of compliance requirements.
  • Serve as a primary liaison for audit coordination, including facilitating interviews, walkthroughs, and evidence requests.
  • Provide guidance and training to internal teams on compliance initiatives and audit readiness.
  • Support adherence to Nintex governance, risk, and compliance standards by assisting with the creation, review and updates of information security policies and procedures.
  • Ensure compliance activities align with internal guidelines and approved risk management practices.
  • Contribute to compliance integration efforts for acquisitions or organizational changes as required.
  • Support risk management activities by assisting with security reviews and compliance risk assessments for new initiatives, technologies, and vendors.
  • Identify potential compliance and control gaps, document risks, and assist in tracking mitigation activities.
  • Escalate identified risks and issues to appropriate stakeholders in a timely manner.

Requirements

  • Bachelor’s degree in Information Security, Information Technology, Risk Management, Business, or a related field, or equivalent practical experience.
  • A proven track of at least 5 years working experience with common compliance and assurance frameworks such as SOC 2, ISO/IEC 27001, GDPR, HIPAA, FedRAMP, or similar international regulatory standards.
  • Relevant certifications are preferred but not required, including: CISA, CRISC, CISSP, CCSK, ISO 27001 Lead Implementer/Auditor, or related compliance or risk certifications.
  • Familiarity with common IT infrastructure, SaaS based cloud services, identity and access management concepts, and security tooling sufficient to assess control design and operational effectiveness (hands‑on administration is not required).

Nice to have

Relevant certifications are preferred but not required, including: CISA, CRISC, CISSP, CCSK, ISO 27001 Lead Implementer/Auditor, or related compliance or risk certifications.

What we offer

  • Global Gratitude and Recharge Days
  • Flexible, paid time off policy
  • Employee wellness programs and counseling resources
  • Meaningful peer recognition and awards
  • Paid parental leave
  • Invention/patenting assistance
  • Community impact, paid volunteer time, and opportunities
  • Intercultural learning and celebration
  • Multiple tools through which to learn and grow, and an incredible global community

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Senior IT Security Compliance Analyst

8 matching positions

Senior Analyst, IT Security & Data Protection

We are looking for a Senior Analyst, IT Security & Data Protection to support ou...
Location
Location
Poland , Poznan
Salary
Salary:
Not provided
kennametal.com Logo
Kennametal
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Information Security, Information Systems, Computer Science, or a related field
  • 5+ years of experience in data privacy, cybersecurity compliance, GRC, risk management, or a related area
  • Strong knowledge of GDPR and data protection requirements
  • Experience with audits, risk assessments, and compliance programs
  • Excellent communication and stakeholder management skills
  • Professional proficiency in English
Job Responsibility
Job Responsibility
  • Own and coordinate Privacy Impact Assessments (PIAs / DPIAs) for new systems, vendors, tools, and processing activities, ensuring risks are identified, documented, and addressed prior to implementation
  • Support the review, maintenance, and operational application of Data Processing Agreements (DPAs) and Standard Contractual Clauses (SCCs) in partnership with Legal, Procurement, and IT
  • Maintain and oversee Records of Processing Activities (ROPA), supporting process owners and driving periodic review cycles to ensure accuracy and completeness
  • Evaluate systems and business processes for GDPR compliance, including lawful basis, purpose limitation, data minimization, retention, data subject rights, and access controls
  • Maintain and update privacy policies, standards, and procedures to reflect regulatory requirements and internal operating practices
  • Embed privacy‑by‑design and privacy‑by‑default principles into IT solutions and digital initiatives through proactive engagement with project teams
  • Support data protection incident and breach triage, fact‑finding, documentation, risk assessment support, and coordination with Information Security and Legal stakeholders
  • Manage the Data Privacy SharePoint and evidence repositories, ensuring documentation is current, well‑structured, and audit‑ready
  • Maintain GDPR training content and support awareness tracking and reporting
  • Support internal and external privacy audits, regulatory inquiries, and supervisory authority assessments
What we offer
What we offer
  • Work on global privacy and cybersecurity initiatives
  • Collaborate with international teams and stakeholders
  • Grow your expertise in a dynamic and evolving compliance environment
  • Competitive compensation, benefits, and flexible working arrangements
  • Fulltime
Read More
Arrow Right

Senior IT Compliance Analyst

Berkshire Hathaway Specialty Insurance (BHSI) has an exciting opportunity for a ...
Location
Location
United States , Boston
Salary
Salary:
95000.00 - 125000.00 USD / Year
bhspecialty.com Logo
Berkshire Hathaway Specialty Insurance
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 6+ years of experience working in an IT audit/compliance function with a general understanding in several of the IT audit/compliance topics listed below: Active Directory, password standards, user access provisioning/deprovisioning, user access reviews, change management, batch jobs/backups, disaster recovery, service accounts, patch management, risk assessment
  • Software development and IT operations knowledge to assess the planning and ongoing maintenance of DevSecOps practices and Application security
  • Ability to work in a team-based environment and communicate effectively and efficiently with others domestically and globally
Job Responsibility
Job Responsibility
  • Lead in executing IT audit/compliance activities, and follow up with responsible parties regarding outstanding requests, and/or questions
  • Maintain, organize, and store audit evidence in preparation for upcoming scheduled audits
  • Conduct audit readiness assessments (i.e., health checks) and assess the effectiveness of current controls and processes in place
  • Lead in developing, implementing, and executing additional internal IT audit/compliance activities
  • Coordinate with team members regarding the remediation status of closing out identified audit gaps and ensuring compensating controls are implemented
  • Review third-party service providers/vendors as part of IT due diligence, including assessing vendor control environment, reviewing SOC reports (i.e., SOC 2 type 2 reports), validating security certifications, identifying control gaps, and ensuring required remediation or compensating controls
  • Analyze and support compliance with global IT regulatory authorities (i.e., GDPR, CBI, DORA, MAS, APRA, BAFIN, etc.) and coordinate with individuals to ensure controls are in place to meet requirements
  • Provide support to our offices from both a U.S. and global perspective (i.e., Asia, Middle East, UK, Europe, Australasia, etc.) regarding the fulfillment of external audit requests and obligations
  • Attend/participate in e-learning training sessions to increase background knowledge of the ever-evolving IT regulatory landscape
  • Support in AI risk and governance oversight to ensure responsible and compliant use of AI technologies
What we offer
What we offer
  • Comprehensive Health, Dental and Vision benefits
  • Disability Insurance (both short-term and long-term)
  • Life Insurance (for you and your family)
  • Accidental Death & Dismemberment Insurance (for you and your family)
  • Flexible Spending Accounts
  • Health Reimbursement Account
  • Employee Assistance Program
  • Retirement Savings 401(k) Plan with Company Match
  • Generous holiday and Paid Time Off
  • Tuition Reimbursement
  • Fulltime
Read More
Arrow Right

Senior Security & Compliance Analyst

Become a Senior Security & Compliance Analyst for Bloomreach! You will be an ess...
Location
Location
Slovakia , Bratislava; Brno; Prague
Salary
Salary:
3000.00 EUR / Month
bloomreach.com Logo
Bloomreach
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Strong knowledge of industry compliance requirements and standards
  • Good understanding of SaaS Business
  • Good understanding of Governance, Risk, and Compliance in IT environment
  • Outstanding communication and interpersonal abilities
  • Previous experience as a compliance analyst, compliance officer, compliance manager, or similar position in a related field
  • Advanced analytical abilities
  • Effective research skills
  • Ability to perform under pressure
  • Experience with ISO security standards
  • Experience with SOC auditing
Job Responsibility
Job Responsibility
  • Perform periodic audits on company procedures and processes and report on the organization’s compliance
  • Identify, analyze, and resolve compliance issues
  • Support the sales process by completing RFPs
  • Ensure that all policies and standards are regularly reviewed and up-to-date
  • Keep the company’s process mapping and responsibilities structure chart up to date
  • Develop and update existing compliance policies and related documentation
  • Proactively research to stay up-to-date with regulations and rules
  • Communicate regulations to internal and external parties
  • Assist with management review preparation
  • Communication with clients across various regions (EMEA, US)
What we offer
What we offer
  • Restricted stock units
  • Company performance bonus
  • Great deal of freedom and trust
  • Flexible working hours
  • Virtual-first work with several Bloomreach Hubs
  • Company events
  • 5 paid days off to volunteer
  • People Development Program
  • Communication coach
  • Leader Development Program
  • Fulltime
Read More
Arrow Right

Senior Security & Compliance Analyst

Become a Senior Security & Compliance Analyst for Bloomreach! You will be an ess...
Location
Location
Czechia , Bratislava; Brno; Prague
Salary
Salary:
Not provided
bloomreach.com Logo
Bloomreach
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Strong knowledge of industry compliance requirements and standards
  • Good understanding of SaaS Business
  • Good understanding of Governance, Risk, and Compliance in IT environment
  • Outstanding communication and interpersonal abilities
  • Previous experience as a compliance analyst, compliance officer, compliance manager, or similar position in a related field
  • Advanced analytical abilities
  • Effective research skills
  • Ability to perform under pressure
  • Experience with ISO security standards
  • Experience with SOC auditing
Job Responsibility
Job Responsibility
  • Perform periodic audits on company procedures and processes and report on the organization’s compliance
  • Identify, analyze, and resolve compliance issues
  • Support the sales process by completing RFPs
  • Ensure that all policies and standards are regularly reviewed and up-to-date
  • Keep the company’s process mapping and responsibilities structure chart up to date
  • Develop and update existing compliance policies and related documentation
  • Proactively research to stay up-to-date with regulations and rules
  • Communicate regulations to internal and external parties
  • Assist with management review preparation
  • Communication with clients across various regions (EMEA, US)
What we offer
What we offer
  • A great deal of freedom and trust
  • Flexible working hours
  • Virtual-first work with several Bloomreach Hubs
  • Company events
  • 5 paid days off to volunteer
  • People Development Program
  • Communication coach
  • Leader Development Program
  • $1,500 professional education budget
  • Employee Assistance Program
  • Fulltime
Read More
Arrow Right

Senior Information Security Compliance Analyst

We're looking for a technically grounded Senior IS Compliance Analyst who speaks...
Location
Location
United States , Chicago
Salary
Salary:
90000.00 - 130000.00 USD / Year
blumeglobal.com Logo
Blume Global
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Hands-on experience in technical security roles such as Security Operations, Incident Response, Security Analysis, penetration testing, or similar
  • Practical knowledge of security tools, SIEM platforms, vulnerability management, and security monitoring
  • and ability to read and understand security logs, configurations, and technical documentation
  • 6+ years of total experience with significant time in GRC
  • Working knowledge of ISO 27001, NIST frameworks, SOC 1/2, and GDPR requirements
  • Experience developing and implementing information security policies and controls
  • ISO 27001:2022 Lead Implementer and Lead Auditor certification
Job Responsibility
Job Responsibility
  • Lead technical security assessments and integration of acquired companies, mapping their security architectures and controls to our GRC frameworks, identifying gaps, and building remediation roadmaps that address both technical security and compliance alignment
  • Bridge technical security and business stakeholders by evaluating risks through a technical lens, working alongside security engineering teams to translate GRC requirements into practical security measures, and communicating effectively across technical and non-technical audiences
  • Develop and harmonize security policies and control frameworks across acquired entities, ensuring they're both audit ready and operationally sound, while translating between technical security requirements and governance documentation
  • Own customer security questionnaire responses by leveraging your hands-on security background to provide detailed, accurate answers and collaborating with infrastructure, application security, and operations teams to gather technical evidence
  • Drive continuous improvement of our GRC program through technical security enhancements, meaningful security and compliance metrics, and process improvements that increase both control effectiveness and operational efficiency
What we offer
What we offer
  • health and welfare benefits
  • tuition assistance
  • 401K savings and other retirement programs
  • employee assistance programs
Read More
Arrow Right

InfoSec Compliance Senior Analyst / Analyst

Assist in achieving adequate information security control levels across the bank...
Location
Location
Salary
Salary:
Not provided
ethicshr.com Logo
Ethics HR
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's Degree in Computer Science or Electronics & Communication Engineering or a related field from a reputable university
  • Minimum 4 years of technical & functional experience in Information Security field for the Senior Analyst
  • Minimum 2 years of technical & functional experience in Information Security field for the Analyst
  • Analytical, self-motivated, cooperative & proactive
  • Excellent interpersonal, leadership and directing skills
  • Excellent communication & computer skills
  • Strong understanding of banking operations
  • Analytical mind-set with ability to grasp new concepts and diverse aspects of bank and risk operations
  • Fluency in Arabic and English written/spoken
Job Responsibility
Job Responsibility
  • Assist in achieving adequate information security control levels across the bank's information assets
  • Ensure clear understanding to information security controls necessary to remediate identified risks and follow up remediation with the concerned business lines
  • Assist in implementing PCI-DSS controls allowing for annual re-certification by coordinating with IT and the concerned Business lines
  • Follow up on all PCI-DSS activities to be delivered on time & reviewed by InfoSec Compliance Team Leader and validated by InfoSec Compliance Manager/Associate before delivering to the QSA
  • Ensure clear understanding for information security controls necessary to fulfil compliance and regulatory requirements (Swift, CBE, PCI-DSS, etc.) to ensure an acceptable level of security maturity across the bank
  • Follow up on all information security policies and security controls related to different standards are properly implemented before reviewing by InfoSec Compliance Team Leader & validating by InfoSec Compliance Manager/Associate
  • Follow up on the effectiveness of applied security controls and share knowledge with Information Security Governance Team of future suggested enhancements and optimization
  • Coordinate with Information Security Team in raising non-compliance and risk of lack of security controls
  • Follow up on breaches SLA’s and non-compliances & notify InfoSec Compliance Team Leader to be reported to InfoSec Compliance Manager/Associate & Cyber Security Team to consider in the watch list
  • Attends project design work shops and ensure that the security architecture standards are followed and considered
Read More
Arrow Right

Senior Information Security Cyber Security Data Analyst

Senior Information Security Cyber Security Data Analyst – Assistant Vice Preside...
Location
Location
India , Pune
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 8-12 years of relevant experience in Cyber Security, Information security, primarily into building data pipelines, Data collection and management, Data transformation etc.
  • Building Data Pipelines: Creating systems for collecting, storing, and transforming data from various sources. Impala, Hive
  • Data Collection and Management: Data engineers are responsible for gathering data from various sources, ensuring its quality, and making it accessible for analysis.
  • Data Transformation: They convert raw data into usable formats, often using ETL (Extract, Transform, Load) processes, to big data platform of Hadoop, Cloud technologies like DataBricks and Snowflake to make it suitable for analysis and reporting.
  • Applicable Certifications or willingness to earn within 12 months of joining
  • Consistently demonstrates clear and concise written and verbal communication
  • Proven influencing and relationship management skills
  • Proven analytical skills
  • Bachelor’s degree/University degree or equivalent experience
Job Responsibility
Job Responsibility
  • Identify potential information security (IS) risks and make recommendations for enhancement
  • Collect and analyze security risk evidence and coordinate with internal and external compliance and auditing agencies / officials
  • Execute meetings and communicate complex security topics and safe IS practices with all levels of the organization
  • Ensure that controls are utilized daily and that non-compliance remediation is addressed
  • Provide IS consulting services, including interpreting and/or clarifying information security policy, procedures, standards or concepts
  • Assist with defining and implementing IS standards to align procedures and practices in compliance with Citi standards
  • Educate and advise on safe information security practices and current, changing, and/or recommended information security requirements
  • Validate compliance with IS policies, practices, and procedures, and resolve a variety of IS related issues in coordination with the business
  • Assume informal/formal mentorship role within teams and assist with the coaching and training of new team members
  • Has the ability to operate with a limited level of direct supervision.
  • Fulltime
Read More
Arrow Right

Senior Analyst – Security Operations Center, Operations Technology

Are You Ready to Make It Happen at Mondelēz International? Join our Mission to L...
Location
Location
Philippines
Salary
Salary:
Not provided
remotivatejobs.com Logo
RemotivateJobs
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Information security, compliance and risk management
  • Security solutions and their applicability to Mondelēz International
  • Security strategies, awareness campaigns, policies/standards and governance
  • Communicating effectively with technical specialists, leaders and peers
  • Analytical and problem-solving abilities
  • Being a team player by supporting and leading to achieve common goals
Job Responsibility
Job Responsibility
  • Assess information security risks in line with internal policy and external best practices
  • Support the security of information and IT assets by testing security systems and applying security standards, policies, and procedures
  • Under the guidance of the global information security lead, implement cyber security technology and provide day-to-day business support
  • Manage third-party providers to ensure that any internal or third-party adhere to standards
  • Provide information security training to appropriate teams
  • Fulltime
Read More
Arrow Right