Information Security Analyst III
We are seeking a highly experienced Information Security Analyst III to join our Information Security Team.
This senior-level role is critical in driving and maintaining the organization’s compliance with key security frameworks, including ISO/IEC 27001, PCI DSS v4.0, SOC 2 Type II, and HITRUST CSF. Additionally, the role includes responsibility for overseeing internal and external audit activities, ensuring effective audit readiness, execution, and remediation.
The ideal candidate will have a deep understanding of regulatory and industry standards, exceptional analytical skills, audit expertise, and a proven ability to lead cross-functional compliance initiatives in complex enterprise environments.
Responsibilities:
- Lead the planning, execution, and management of certification, compliance,
and third-party audit programs (ISO 27001, PCI DSS 4.0, SOC 2 Type II, HITRUST
and Client Security Audits).
- Coordinate and manage internal and external audits, including scoping,
- Serve as the primary liaison with external auditors, assessors, and internal
- Develop and maintain audit-ready documentation for policies, procedures, and
- Conduct and coordinate internal control assessments, risk assessments,
- Track, report, and communicate audit findings, remediation progress, and
compliance metrics to senior leadership and key stakeholders.
Qualifications:
- 5–8+ years of experience in Information Security, Compliance, Audit, or GRC
- Hands-on experience leading enterprise compliance and audit efforts across ISO
- Strong understanding of risk management methodologies, control frameworks
- Proven experience working with external auditors, certification bodies, and
internal audit teams.