[Remote] Security Compliance Analyst
Note: This is a remote position open to candidates in the USA. Blackpoint Cyber is the leading provider of world-class cybersecurity threat hunting, detection, and remediation technology. They are seeking a motivated Security Compliance Analyst to help lead their evolving internal security compliance program, refine security policies, conduct internal audits, and ensure compliance with various security and privacy frameworks.
Responsibilities
- Support the maintenance of a comprehensive security compliance program aligned with laws, regulations, and industry best practices. This includes framework and control mapping, refining policies, standards, and procedures, and continuous monitoring of control compliance
- Maintain and optimize key programs like Third Party Risk Management and Security Awareness Training
- Apply expertise in GDPR, HIPAA, PCI DSS, NIST 800-171/CMMC, ISO 27001, SOC2, and FedRAMP controls as well as U.S. state privacy regulations to ensure practices remain compliant and up to date
- Support internal audits, partnering with stakeholders to remediate findings
- Support external audits (e.g., SOC 2) through preparation and planning, monitoring and remediation coordination, documentation and follow-up tracking
- Bring a structured, methodical approach to assisting with cross-functional project implementation
- Stay current on emerging threats, regulations, and security best practices to strengthen compliance posture
Skills
- Bachelor's degree (or equivalent experience) in IT, Information Security, Computer Science, Information Systems Management, Privacy, Law, Compliance, or related field
- Minimum 5 years of experience in privacy, security, or security compliance roles, including experience with internal audit
- Strong verbal and written communication, organizational, and documentation skills. Experience working with Atlassian Suite tools for collaboration and task management
- Deep knowledge of regulatory and compliance frameworks, including SOC2, ISO 27001, GDPR, NIS2, CMMC, FedRAMP, HIPAA, PCI DSS
- Strong analytical and problem-solving abilities with strong attention to detail
- Proven ability to work with multiple stakeholder groups, coordinating as needed, and supporting the integration of compliance into business processes
- Hands-on experience with framework and control mapping, compliance automation tools (One Trust Certification Automation, DRATA, and others), and third-party risk management (TPRM) tools
- Solid understanding of compliance risk, including implementing compensating controls and translating risk assessments for technical and non-technical audiences
- Experience working in remote or distributed environments
- Relevant professional certifications are preferred, such as CISA, CIPP/US, CIPP/E, CIPM, or CIPT
Benefits
- Health, Vision, Dental, and Life Insurance plans
- Robust 401k plan
- Discretionary Time Off
- Other minor perks