• Maintain relationships with customers and internal stakeholders and control owners alike; • Manage customer questionnaires, RFx and security assessments; • Evaluate compliance with contractual, regulatory and compliance requirements; • Help manage the compliance and audit platform, working with system owners to implement automated evidence collection and validation to ease the customer audit lifecycle.

• We are seeking a Security Analyst with an emphasis on fraud research to join our Information Security team. • This role is responsible for identifying, researching, and helping mitigate computer-based and non-computer-based fraudulent activity across the organization. • The analyst will support the investigation of suspicious activity, review trends and patterns that may indicate fraud risk, and help strengthen internal controls through monitoring, analysis, documentation, and reporting. • This position works closely with the Director of Information Security and cross-functional business partners to support fraud prevention efforts, incident response, and risk management activities.

Role Description The Senior Security Compliance GRC Analyst leads complex audits and regulatory assessments, providing subject matter expertise in frameworks such as SOC 2, ISO 27001, FedRAMP, ENS, and Cyber Essentials. This role improves control design, harmonizes evidence practices, and guides corrective action plans — while mentoring junior analysts and partnering with cross-functional teams to mature the organization's compliance posture and reduce recurring audit gaps through regular external audit integration. - Lead complex internal and external audits, coordinating cross-functional participation and ensuring timely, accurate evidence delivery; serve as a subject matter expert on one or more compliance frameworks including SOC 2, ISO 27001, HIPAA, FedRAMP, and PCI. - Design and execute control testing plans, evaluating control effectiveness and documenting observations or gaps; drive remediation workflows by partnering with system owners to define action plans and confirm closure. - Develop and maintain compliance documentation including system security plans, control narratives, and audit-ready evidence libraries; prepare and maintain comprehensive records of compliance activities including risk assessments, audit reports, and regulatory filings. - Support harmonization of control frameworks by mapping controls and evidence across multiple regulations and standards; identify process and control improvement opportunities, recommending updates that enhance efficiency and reduce audit friction. - Project manage compliance audits including evidence collection and gap analysis; mentor junior analysts in audit readiness, evidence preparation, and control testing methodologies. - Mentor, coach, train, and provide feedback to other team members; may provide feedback to leadership on the technical abilities of the team. Qualifications - Bachelor's degree or equivalent work experience, with 3–5 years of experience in compliance, risk management, internal audit, or regulatory affairs. - Knowledge of regulatory frameworks such as SOC, ISO 27001, NIST 800-53, FedRAMP, SOX, HIPAA, GDPR, or FAR/DFARS. - Strong data gathering, interviewing, analytical, and problem-solving skills; strong knowledge of security risk assessment techniques, risk scoring models, and risk impact analysis. - Strong oral and written communication skills with a professional demeanor; strong facilitation, project management, and interpersonal skills with the ability to maintain professionalism across all levels of the organization. - Strong collaboration skills applied successfully within a team and across all levels of employees; demonstrated ability to influence, motivate, and mobilize team members and business partners. Requirements - Experience in a government-regulated industry such as healthcare, finance, defense, or technology. - Cloud security and/or AI GRC certifications. - Strong data analysis knowledge using tools such as Excel, SQL, or statistical software packages. - Strong knowledge of Microsoft Operating Systems, products, and advanced Microsoft Excel skills. - Self-motivated with the ability to manage projects to completion with minimal oversight in a fast-paced, deadline-driven environment; strong attention to detail with the ability to handle sensitive information with discretion and tact. Benefits - Career development resources. - Wellbeing programs. - Innovation practices.

• The Security Analyst is responsible for specific aspects of the security program including regulatory reporting, metrics/KPIs, training and awareness, security process integration and risk management for our clients. • Protects computer assets by establishing and enforcing system access controls; maintaining disaster preparedness. • Document, maintain and analyze compliance with IT controls, standard procedures, and policies. • Demonstrate excellent customer service skills, build credibility and rapport with client technical teams. • Assist in periodic information risk assessments and audits to ensure that information systems are adequately protected to meet security objectives. • Assist in collecting security-related evidence for external audits. • Provide technical expertise during IT security incident response. • Support IT security inquiries from customers. • Assist in the review of vendor IT security programs and controls. • Assist in tracking and maintenance of action plans for the resolution of issues identified during assessments and audits. Provide needed assistance with the execution of those remediation plans. • Ensure authorized access by investigating improper access; revoking access; reporting violations; monitoring information requests by new programming; recommending improvements. • Establish physical security by developing standards, policies and procedures. • Advise on risk levels and security posture through a risk management framework. • Identify business processes requiring information security Integration. • Support the design and execution of security exercises.