Aprio, LLP is an accounting firm that is on a mission to advise its customers on “how to achieve what’s next.” As an employer, the company is recognized f
Senior Associate, Compliance as a Service
Location
Colorado
Posted
31 days ago
Salary
$80K - $132K / year
Seniority
Senior
Job Description
Senior Associate, Compliance as a Service
Aprio
• Lead and support multiple low to moderately complex managed security compliance engagements, ensuring quality, consistency, and timeliness in all deliverables. • Execute compliance assessments, gap analyses, remediation planning, and evidence collection across frameworks such as PCI DSS, SOC 1, SOC 2, ISO 27001, ISO 27701, HITRUST, CMMC, FedRAMP, NIST CSF, and GDPR. • Develop draft policies and procedures, reports, and other common project deliverables based on established template sets. • Effectively use project management tooling (Motion) to cross-map multiple account calendars, streamline scheduling, manage and prioritize tasks, assign tasks to others, and document processes and important client information. • Effectively use GRC platforms (Drata, Anecdotes, Hyperproof) to implement and manage Compliance Operations for clients. • Make efficient use of business tools (Slack, MS Office Suite, project management platforms) to work smarter, not harder. • Communicate effectively in email, chat, meetings, and other professional settings. Never forget to send weekly status updates. • Learn and apply AI LLM prompting basics; understand when to trust AI outputs and when to be skeptical. • Support senior team members in client relationship management and contribute to expanding services within existing accounts. • Collaborate with internal teams, including audit, advisory, and offensive security, to support integrated service delivery. • Monitor regulatory developments and industry trends to stay current on compliance requirements and best practices. • Complete all CPE requirements for current certifications prior to end of Q3. • Attend firm-sponsored trainings as applicable. • Manage your schedule in ProStaff and maintain timely, accurate completion of all required compliance and training.
Job Requirements
- Minimum of 3 years’ experience in information security, IT compliance, or a related cybersecurity role, with experience in professional services, consulting, or managed services environment.
- Demonstrated experience supporting and delivering compliance engagements across one or more frameworks.
- Foundational knowledge of cloud security (AWS, Azure, GCP) and securing hybrid/multi-cloud environments.
- Developing familiarity with security technologies (e.g., SIEM, IDS/IPS, network security controls, encryption), how to apply them, and the risks they address.
- GRC tooling expertise with at least one platform (e.g., Drata, Hyperproof, Anecdotes).
- Excellent written and verbal communication skills, with the ability to articulate compliance and security topics to both technical and non-technical stakeholders.
Benefits
- Medical, Dental, and Vision Insurance on the first day of employment
- Flexible Spending Account and Dependent Care Account
- 401k with Profit Sharing
- 9+ holidays and discretionary time off structure
- Parental Leave – coverage for both primary and secondary caregivers
- Tuition Assistance Program and CPA support program with cash incentive upon completion
- Discretionary incentive compensation based on firm, group and individual performance
- Incentive compensation related to origination of new client sales
- Top rated wellness program
- Flexible working environment including remote and hybrid options
Related Guides
Related Categories
Related Job Pages
More Compliance Jobs
• Create and manage filings in SERFF for forms, rules and rates • Maintain forms lists and applicability for all products • Maintain the filings library • Coordinate with product and engineering teams to ensure accuracy of form packages • Participate in audits by insurers, reinsurers and regulators • Respond to data calls • Maintain complaint process • Participate in marketing reviews • Participate in broker development contract reviews and appointment process • Other duties as assigned
• Define, monitor, and enforce internal processes and standards • Analyze data and ensure teams are following the right processes • Read reports and identify issues • Collaborate with different teams and take ownership of processes
Federal Student Aid Regulatory Case Analyst
RavenTekLeading-edge digital transformation and cybersecurity solutions.
• Support the Department of Education, Federal Student Aid (FSA) Ombudsman by reviewing, analyzing, and resolving complex consumer financial and regulatory cases. • Perform comprehensive case reviews, gather and evaluate documentation, apply statutory and regulatory criteria, and prepare structured written determinations. • Maintain accuracy, documentation integrity, and productivity within a performance-based contract environment. • Manage assigned caseload to achieve defined productivity targets.
Compliance Specialist
CDL Nuclear TechnologiesYour Nationwide Partner in Cardiac PET and PET/CT. We've seen it all, because we've done it the most.
• Execute day-to-day operational activities that support CDL’s Corporate Compliance Program. • Responsible for training, communications, ongoing monitoring, documentation, investigation support, and coordination across clinical, operational, and administrative functions. • Track regulatory updates from CMS, OIG, OCR, state agencies, and accreditation bodies; incorporate changes into policy, procedure, and operational workflows. • Prepare summaries and distribute relevant guidance to internal stakeholders. • Maintain compliance issue logs, corrective action plans (CAPs), and follow-up activities to ensure timely remediation. • Participate in risk assessments by gathering data, documenting control gaps, and providing tactical support for mitigation strategies. • Maintain inventory of compliance policies and procedures; assist with drafting, revising, and formatting compliance-related policies and procedures. • Support development and delivery of compliance training content; administer compliance training assignments and track completion rates. • Maintain centralized compliance program documentation, evidence repositories, and audit binders.
