Security Compliance Analyst
$50 - $55 per hourActalent
Security Compliance Analyst The Security Compliance Analyst leads the full certification lifecycle for key security frameworks, acting as the primary bridge between technical engineering teams and external auditors. This role focuses on managing ISO and SOC 2 Type 2 audits end‑to‑end, translating complex technical environments into audit‑ready evidence, and using AI and automation to reduce the compliance burden on engineering teams. The ideal candidate is a hands‑on compliance practitioner who understands the realities of SaaS products and can clearly articulate technical control requirements to both technical and non‑technical stakeholders. Responsibilities Own and drive the full lifecycle of ISO and SOC 2 Type 2 audits, from initial planning through final reporting. Define detailed audit requirements and translate control language into clear, actionable technical requests for engineering teams. Request, collect, and organize evidence from technical owners, ensuring completeness, accuracy, and audit readiness. Review and validate the integrity and sufficiency of technical evidence, identifying gaps, inconsistencies, or invalid submissions. Track remediation activities for identified gaps and follow up with stakeholders to ensure timely closure of issues. Serve as the primary liaison with external audit firms, speaking the language of auditors and effectively defending the control environment. Create and maintain an annual audit calendar, including timelines, milestones, and preparation activities for audit windows. Ensure the organization is well prepared for audits by coordinating pre‑audit reviews, walkthroughs, and readiness assessments. Utilize AI and large language models to automate evidence collection, parse system logs, draft control descriptions, and identify potential compliance gaps before audits. Apply a human‑in‑the‑loop approach to AI usage by critically reviewing and validating AI‑generated outputs for accuracy and completeness. Review technical configuration reports for infrastructure, networking, containers, and databases to determine whether settings align with secure configuration expectations. Research and identify appropriate secure configurations and control implementations for technologies not previously encountered. Clearly explain to engineers what specific evidence or configurations are required, using precise technical language rather than generic control descriptions. Collaborate with engineering and security teams to define and refine technical controls that align with ISO, SOC 2 Type 2, and other relevant frameworks. Communicate complex compliance requirements in clear, accessible terms to non‑technical stakeholders across the organization. Push back constructively on auditors when appropriate, providing reasoned explanations and evidence to support the existing control environment. Contribute to the continuous improvement of compliance processes by identifying opportunities to streamline workflows and reduce manual effort through automation and AI. Essential Skills Proven, specific experience managing end‑to‑end ISO and SOC 2 Type 2 audits, including planning, execution, and final reporting. Baseline understanding of ISO and SOC 2 Type 2 frameworks and their associated control requirements. Experience running audits, with a preference for technology‑focused auditing experience. Demonstrated ability to understand and assess technical controls in cloud and SaaS environments. Technical literacy in cloud platforms, with a particular preference for experience with AWS. Ability to read and interpret technical configuration reports and determine whether configurations meet secure standards. Capability to identify when provided technical evidence is insufficient or invalid and to request appropriate corrective evidence. Demonstrated experience using AI and large language models to streamline compliance and audit tasks, including evidence collection and analysis. A clear human‑in‑the‑loop philosophy for validating AI output to ensure accuracy and reliability. Strong communication skills, including the ability to explain complex compliance requirements to non‑technical stakeholders. Ability to understand and articulate detailed technical requests from engineers and translate them into compliance terms. Confidence and professionalism in pushing back on auditors when necessary, supported by clear evidence and reasoning. Comfort discussing and auditing SaaS infrastructure running on public cloud environments such as AWS, Azure, or GCP and private cloud environments. Familiarity with networking concepts and components, including firewalls, switches, routers, VPNs, and secure remote access. Exposure to Linux‑based server environments and various database management systems. Understanding of containerized environments, including Kubernetes and Docker. Ability to research and determine appropriate secure settings and configurations for unfamiliar technologies. Additional Skills & Qualifications Understanding of the NIST framework, particularly as it applies to security controls and policy design. Experience working with security controls that align with NIST‑based policies. Creative use of AI to collect, review, and automate evidence handling in a flexible and scalable way. CISSP certification, which demonstrates a deep understanding of technical security controls (strongly valued but not required). Experience at a CISO or senior security leadership level is beneficial, though practical hands‑on experience is preferred over certifications alone. Baseline familiarity with NIST and other security frameworks used to structure security controls and policies. Interest in continuously improving audit and compliance processes through automation and innovative tooling. Work Environment The role focuses on a SaaS product operating across both public cloud platforms (such as AWS, Azure, and GCP) and private cloud environments. You will regularly interact with infrastructure components, including firewalls, switches, routers, VPNs, and secure remote access solutions, as well as Linux‑based server environments and various database management systems. The environment makes extensive use of container technologies like Kubernetes and Docker. Collaboration with engineering and security teams is central to the role, and you will frequently work with technical configuration reports, system logs, and automated tools. AI and large language models are an integral part of the workflow, particularly for evidence collection, log parsing, and drafting control documentation. The position emphasizes a professional, detail‑oriented, and collaborative culture, where clear communication, proactive planning, and continuous improvement of compliance processes are highly valued. Job Type & Location This is a Contract position based out of Raleigh, NC. Pay and Benefits The pay range for this position is $50.00 - $55.00/hr. Medical, dental & vision Critical Illness, Accident, and Hospital 401(k) Retirement Plan – Pre‑tax and Roth post‑tax contributions available Life Insurance (Voluntary Life & AD&D for the employee and dependents) Short and long‑term disability Health Spending Account (HSA) Transportation benefits Employee Assistance Program Time Off/Leave (PTO, Vacation or Sick Leave) Workplace Type This is a hybrid position in Raleigh, NC. Application Deadline This position is anticipated to close on Jul 11, 2026. About Actalent Actalent is a global leader in engineering and sciences services and talent solutions. We help visionary companies advance their engineering and science initiatives through access to specialized experts who drive scale, innovation and speed to market. With a network of almost 20,000 consultants and 5,000 clients across the U.S., Canada, Asia and Europe, Actalent serves many of the Fortune 500. We are proud to be an Engineering News‑Record (ENR) Top 500 Design Firm for our engineering design services and a ClearlyRated Best of Staffing® winner for both client and talent service. The company is an equal opportunity employer and will consider all applications without regard to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law. If you would like to request a reasonable accommodation, such as the modification or adjustment of the job application process or interviewing process due to a disability, please email View email address on click.appcast.io for other accommodation options. San Francisco Fair Chance Ordinance: Pursuant to the San Francisco Fair Chance Ordinance, for all positions located in the city and county of San Francisco, we will consider for employment qualified applicants with arrest and conviction records. Massachusetts Lie Detector: It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability. Use of Artificial Intelligence (AI): We may use Artificial Intelligence (AI) to support parts of our hiring process, including sourcing, screening, and evaluating candidates. AI helps assess applications and qualifications, but final decisions are made by our hiring team. By applying, you acknowledge and agree that your application may be reviewed using AI tools. #J-18808-Ljbffr
$78.9k - $123.3k
...Position Overview We are seeking a detail-oriented cybersecurity compliance professional to support system authorization and continuous... ...Federal environment. This role is responsible for managing the security authorization lifecycle for one or more information systems,...SuggestedPermanent employmentFull timePart timeWork at officeLocal areaRemote work- About the role: Eagle Creek Renewable Energy is seeking an experienced Information Security Compliance Analyst to join our team and help safeguard our organization's regulatory standing and the security of the critical generation assets across our fleet of hydropower facilities...Suggested
- MaintainX is seeking an Information Security professional to enhance its security posture by managing vulnerabilities and conducting... ...requires expertise in AWS and various security frameworks to support compliance programs. The ideal candidate has experience in information...Suggested
- ...The Workday Security Administrator is a Senior Workday HRIS Analyst and is responsible for the administration, maintenance, and optimization of the security... ...within the Workday system to ensure data integrity and compliance.The Workday Security Administrator collaborates...SuggestedWork at office
$124.2k - $186.2k
About the Team Information Security organization advances the overall state of security at Rubrik through purposeful initiatives and... ...per requirements and regulations; Perform ongoing activities in compliance with service and contractual obligations; Participate in role-...SuggestedLocal areaRemote work- Security Analyst Lucid Software is the leader in visual collaboration and work acceleration, helping teams see and build the future by turning... ..., customer trust, and support GRC (Governance, Risk, and Compliance) operations. Lucid Software’s security team fosters an...Remote work
- The opportunity As an Offensive Security Analyst on the Attack Surface Management team, you will play a key role in evaluating and reducing EY’s digital exposure through hands‑on penetration testing and adversarial simulation. Working under the guidance of the Exposure...Summer holidayFlexible hours
$50 - $60 per hour
A leading AI development company is looking for a Securities Analyst to join their team remotely. This role involves reviewing AI Assistant outputs related to finance, providing feedback, and ensuring quality in AI reasoning and performance. Candidates should have fluency...Remote jobHourly pay$40 per hour
A cybersecurity training company is seeking experienced professionals to evaluate AI-generated security content and solve technical cybersecurity problems. You will work remotely, assessing accuracy, and contributing to the development of AI security tools. Candidates...Remote jobHourly payFlexible hours$40 per hour
A cybersecurity firm is seeking experienced professionals to evaluate AI-generated content and solve technical cybersecurity challenges. The role is remote, flexible, and offers the freedom to choose projects. You must have hands-on cybersecurity experience, some coding...Hourly payRemote workFlexible hours- ...implemented Workday environment, is seeking a Senior Workday Security Administrator to serve as the final addition to its HRIS team.... ...IT, audit, and business stakeholders to ensure data integrity, compliance, and scalable security design while supporting ongoing enhancements...Full timeH1bRelocation package
$40 per hour
...for experienced cybersecurity professionals to join our team to help train AI models. In this role, you will evaluate AI-generated security content, solve technical cybersecurity problems, and provide feedback to improve how AI systems reason about real-world threats...Remote jobHourly payFull timePart time$40 per hour
...cybersecurity firm is seeking experienced cybersecurity professionals for a remote position. The role involves evaluating AI-generated security content, solving technical problems, and providing valuable feedback to improve AI systems. Candidates should have 2+ years of...Remote jobHourly payFlexible hours- IT Security Analyst needs 3+ years experience IT Security Analyst requires: IT security Cyber security Finance industry IT Security Analyst duties: Supports Information Security and Cyber Threat management programs within the Bank at an advanced level of ability. Analyzes...
- Ernst & Young Oman in Raleigh, North Carolina is seeking an Offensive Security Analyst to evaluate and mitigate digital exposure through penetration testing and adversarial simulation. The ideal candidate will have at least 4 years of experience in security roles, with...
- ...leading IT staffing company located in Raleigh, North Carolina is seeking a Senior IT Technical Support Analyst. The successful candidate will manage Corporate Security applications and be responsible for ongoing support, lifecycle, and change management. Key...
- First Citizens Bank is seeking a highly skilled Cyber Security Analyst with a strong background in application security and vulnerability management. This remote role supports NC, AZ, and TX, focusing on SAST, DAST, SCA, and proactive risk remediation across software pipelines...Remote job
- Lucid Software is seeking a Security Analyst to safeguard corporate assets, web applications, and personnel. You will drive third-party risk assessments, contribute to GRC programs, and support audits for SOC 2 and ISO 27001 while collaborating with Legal, Engineering,...
$40 per hour
A cybersecurity company is seeking experienced professionals to evaluate AI-generated security content and solve technical cybersecurity problems. This role can be performed remotely and offers flexible hours, with hourly pay starting at $40+. The ideal candidates will...Remote jobHourly payFlexible hours$108k - $127.5k
Practice - CIS - Cloud, Infrastructure, and Security Services About Cloud Infrastructure & Security Services: Cognizant’s Cloud, Infrastructure... .... Job Summary We are seeking an Application Security Analyst to support a large-scale migration from Veracode to Snyk across...Temporary work- Lucid Software is seeking a Security Analyst to protect corporate assets, web applications, and employees. You will execute day‑to‑day Security... ...and support GRC initiatives. The role emphasizes a risk and compliance mindset to align security with business objectives....
$50 - $60 per hour
DataAnnotation is committed to creating high-quality AI. We are looking for a Securities Analyst to join our team to help train the next generation of AI while enjoying the flexibility of remote work and the freedom to set your own schedule. This role is designed to fit...Hourly payFull timeContract workPart timeWork experience placementRemote workFlexible hours- The North Carolina Health Information Exchange Authority is seeking a Sr. Information Security Risk Analyst on a contract basis to lead the annual enterprise security risk assessment. Responsibilities include planning the assessment, aligning to NIST SP 800-53 Rev. 5, incorporating...Remote jobContract work
- A financial services company in Raleigh seeks an experienced IT Security Analyst. This role includes supporting information security programs, analyzing threats, and enhancing security measures. Ideal candidates will have over 3 years of experience in IT security, preferably...
- Lucid Software in Raleigh, NC is seeking a Security Risk Analyst to perform third-party vendor risk assessments, respond to security questionnaires, and support SOC 2 and ISO 27001 compliance efforts. You will identify threats, design security improvements, deliver awareness...
- Cognizant's CIS - Cloud, Infrastructure, and Security Services Practice is seeking an Application Security Analyst to support a large-scale migration from Veracode to Snyk across enterprise development teams. This role focuses on coordinating onboarding activities, facilitating...
- Sr. Information Security Risk Analyst [Must Have HIPAA & HITRUST & NIST SP 800-30, NIST SP 800-53] 221 E Lane Street, Raleigh, NC/REMOTE 12 Months Description The North Carolina Health Information Exchange Authority is seeking a skilled Information Security Risk Analyst...Contract workRemote work
- ...SAP Security Analyst Salary: Confidential Location: Apex, North Carolina Relocation Assistance: Available Job Description No H-1 candidates // no sponsorship candidates The role is in the Raleigh area, but the client will relocate the right candidate...Work at officeWork from homeRelocationRelocation packageFlexible hours
- ...This position involves analyzing large datasets, developing scripts for automation, and collaborating with resource teams to support security initiatives. The ideal candidate will possess strong technical skills, with a background in cybersecurity and proficiency in data...
- ...position to manage key operations globally. You will support various initiatives related to digital certificates, ensuring compliance with security policies. The role requires excellent collaboration skills to engage with cross-functional teams effectively. The ideal...Work at office
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Security Compliance Analyst. Be the first to apply!
- security operations analyst Raleigh, NC
- application security analyst Raleigh, NC
- entry level information security analyst Raleigh, NC
- cloud security analyst Raleigh, NC
- network security analyst Raleigh, NC
- entry level security analyst Raleigh, NC
- information security compliance analyst Raleigh, NC
- security analyst Raleigh, NC
- senior security analyst Raleigh, NC
- IT security analyst Raleigh, NC

