Security Analyst - IT Compliance

TEKsystems•Conshohocken, PA

2d•$65 - $75•Remote

About The Position

Job Responsibilities: IT/ISO Risk Management • Maintain and execute risk management processes that align with ISO, NIST, and regulatory standards. • Enforce and evaluate system access controls to ensure alignment with internal policies. • Support security planning, assessments, gap analysis, and compliance activities. • Analyze business processes for security alignment and identify control weaknesses. • Escalate and report on residual risk, vulnerabilities, and non compliance trends. Risk Register Management • Own the IT/ISO risk register, ensuring risks are captured, assessed, updated, and communicated. • Partner with IT and ISO process leaders to continually evaluate risk impact and mitigation progress. Compliance & Audit Support • Coordinate internal and external audits (ISO, NIST, SOC2, SOX, etc.). • Prepare evidence, respond to audit requests, and track findings through remediation. • Monitor compliance with IT/ISO policies, documenting deviations and improvement opportunities. Remediation Oversight • Work with application owners, infrastructure teams, and other technical SMEs to design and track remediation plans. • Ensure remediation timelines are met and resolutions are complete, accurate, and aligned with control intent. • Provide progress reporting to management and leadership. Collaboration & Communication • Partner across IT, security, and business teams to drive visibility and accountability around risk and compliance. • Lead periodic discussions with stakeholders to promote a consistent risk management culture. Training & Awareness • Provide training and support to teams on IT/ISO compliance processes. • Serve as a point of contact for compliance and audit related inquiries. Day to Day Duties • Perform ITGC testing, evidence review, and control validation for SOX/SOC2 readiness. • Review and update risk register entries, ensuring accuracy and timely progress updates. • Investigate compliance issues, perform root cause analysis, and document findings. • Support access control reviews and ensure entitlement processes align with policy. • Collaborate with auditors, gather evidence, and document remediation activities. • Draft or update security policies, standards, and procedures. • Monitor compliance dashboards, generate weekly/monthly reporting, and communicate status to leadership. • Participate in cross functional meetings with process owners and contribute to risk reduction strategies. • Respond to security incidents or alerts when they intersect with compliance and risk.

Responsibilities

Maintain and execute risk management processes that align with ISO, NIST, and regulatory standards.
Enforce and evaluate system access controls to ensure alignment with internal policies.
Support security planning, assessments, gap analysis, and compliance activities.
Analyze business processes for security alignment and identify control weaknesses.
Escalate and report on residual risk, vulnerabilities, and non compliance trends.
Own the IT/ISO risk register, ensuring risks are captured, assessed, updated, and communicated.
Partner with IT and ISO process leaders to continually evaluate risk impact and mitigation progress.
Coordinate internal and external audits (ISO, NIST, SOC2, SOX, etc.).
Prepare evidence, respond to audit requests, and track findings through remediation.
Monitor compliance with IT/ISO policies, documenting deviations and improvement opportunities.
Work with application owners, infrastructure teams, and other technical SMEs to design and track remediation plans.
Ensure remediation timelines are met and resolutions are complete, accurate, and aligned with control intent.
Provide progress reporting to management and leadership.
Partner across IT, security, and business teams to drive visibility and accountability around risk and compliance.
Lead periodic discussions with stakeholders to promote a consistent risk management culture.
Provide training and support to teams on IT/ISO compliance processes.
Serve as a point of contact for compliance and audit related inquiries.
Perform ITGC testing, evidence review, and control validation for SOX/SOC2 readiness.
Review and update risk register entries, ensuring accuracy and timely progress updates.
Investigate compliance issues, perform root cause analysis, and document findings.
Support access control reviews and ensure entitlement processes align with policy.
Collaborate with auditors, gather evidence, and document remediation activities.
Draft or update security policies, standards, and procedures.
Monitor compliance dashboards, generate weekly/monthly reporting, and communicate status to leadership.
Participate in cross functional meetings with process owners and contribute to risk reduction strategies.
Respond to security incidents or alerts when they intersect with compliance and risk.