Information Security Compliance Analyst II (Hybrid)

Summary / Objective
The Information Security Compliance Analyst will develop and execute a comprehensive security and compliance program. Key responsibilities include planning and conducting security audits, maintaining compliance with various standards and regulations, and managing security operations by monitoring alerts and remediating vulnerabilities. The position also involves preparing for external audits, providing guidance to internal teams, and developing and delivering training on security best practices.
This role reports to Sr. Director, Security.
What You'll Do

• Review, update, and create necessary security policies, procedures, and documentation
• Design, develop, and maintain controls to ensure ongoing compliance with contractual security requirements, industry standards (ISO, NIST), and regulations
• Develop and execute internal and external audit programs (e.g., ISO, SOC) to ensure compliance with contractual obligations, user controls in coordination with third-party auditors and internal teams
• Utilize audit tools to automate and streamline the audit process, present findings and recommendations to management, and monitor the implementation of corrective actions
• Support the organization in gaining and maintaining key certifications, such as ISO and SOC
• Continuously monitor and triage security alerts, event notifications and vulnerabilities to ensure compliance and enhance security posture-developing detection rules, optimizing correlation searches, analyzing alerts, reporting and coordinating remediation efforts with IT and Development teams. Participate in security incident response activities
• Provide guidance and support to internal teams on compliance best practices and track the status of all security efforts
• Evaluate and implement tools to prevent cyber exploits and enforce secure coding practices in collaboration with Operations and Development teams
• Regularly provide risk assessment reports to management and help drive the remediation of risks and compliance violations
• Stay current with cybersecurity threats by reviewing threat intelligence feeds and industry publications
• After-hours and on-call support is required for this role
• Develop and deliver training programs on security compliance and audit procedures
• Actively models and promotes Identity Digital's core values through day-to-day interactions, behaviors, and decision-making
• Other duties as assigned

Who You Are / What You Bring

• 2+ years of Information Security experience in an engineering environment
• A Bachelor's degree in Cybersecurity, Computer Science, or a related field is an asset
• Relevant industry certifications such as CompTIA Security+, CISA (Certified Information Systems Auditor), CCAK (Certificate of Cloud Auditing Knowledge) or ISO 27001 Lead Implementer/Auditor
• Works under the direction of a manager or Senior Engineer to help prioritize tasks within a team environment
• Strong analytical and problem-solving skills with a high level of attention to detail. The ability to spot inconsistencies, gaps, or errors in large volumes of documentation and data
• Knowledge of cloud environments (AWS, Azure, GCP)
• Strong grasp of Information Security principles, best practices, and control processes
• Good understanding of operating systems, containerization (Docker & Kubernetes), web servers, TCP/IP, and network technologies; Authentication and security protocols, and coding methodologies
• Hands-on experience with security monitoring tools such as a SIEM (e.g., Splunk, Exabeam) and EDR (e.g., CrowdStrike, Carbon Black)
• Working knowledge of vulnerability scanning, anti-virus, IDS/IPS and other common infosec tool sets a must
• Knowledge of common compliance frameworks and regulations (e.g., ISO 27001, SOC 1/2, NIST CSF, CIS controls)
• Experience conducting or auditing user access reviews within systems like Active Directory and IAM
• Familiarity with modern AI and machine learning applications in the cybersecurity and audit landscape, including tools for security monitoring, anomaly detection, and compliance automation an asset
• After-hours and on-call support outside business hours will be required
• Ability to travel as needed
• Ability to work across time zones as part of a global organization
• Reliable transportation to the workplace

Physical Requirements

• Prolonged periods of sitting at a desk and working on a computer
• Must be able to lift up to 15 pounds at times

Salary Range
The U.S. base salary range for this full-time position is $87,000 - $111,000 (flexibility based on experience) plus benefits as described below. In addition, the successful candidate will be eligible to receive other compensation from time to time in the form of discretionary and/or nondiscretionary bonuses and long-term incentive plan. Actual compensation will be influenced by a candidate's qualifications, internal employee equity considerations, and location. We will not ask for information about a candidate's current or past compensation for purposes of developing an offer of employment.
US team members (and their spouses, domestic partners, and/or dependent children) are covered by generously subsidized medical, dental, and vision insurance which includes company contributions to a Health Savings Accounts. Team members are also covered by company-paid life and disability insurance and have the option of participating in employee-paid supplemental life, accidental death and dismemberment, critical illness, and accident insurance. In addition, team members can enroll in the company's 401(k) plan with up to a 5% match. You receive 15 days of paid vacation yearly, increasing to 20 days after one year. Additionally, you get 5 days of paid sick leave, 13 paid holidays, and 20 weeks of paid parental leave for birthing parents, 12 weeks for others. Also, there's an opportunity for tuition reimbursement for qualifying expenses.
Note: Benefits programs are subject to eligibility requirements and may vary in certain locations.
A few things to know about us
Identity Digital is an Equal Opportunity Employer and does not discriminate based on race, color, religion, sex, age, national origin, veteran status, marital status, sexual orientation, gender identity, disability or any other category prohibited by local, state or federal law. This policy applies to all aspects of employment, including recruitment, placement, promotion, transfer, demotion, compensation, benefits, social and recreational activities, and termination.
Background Check Statement
At the time of an offer, you will be required to complete a background check. Any offer is contingent upon a satisfactory background check.
Sponsorship Statement
Please note that work sponsorship for this position may not be available now or in the future. While we strive to support our candidates, not all roles will qualify. Eligibility will be reviewed on a case-by-case basis.
Accommodation Statement
We are committed to the full inclusion of all qualified individuals. As part of this commitment, Identity Digital will ensure that persons with disabilities are provided reasonable accommodations. If reasonable accommodation is needed to participate in the job application or interview process, please contact our Recruiting Team at [email protected].