Join our team

A Security Compliance Analyst role is responsible for partnering with client senior management and technical teams to facilitate information risk management practices. This role combines technical skills, business management experience and compliance expertise to deliver a broad range of security consulting. Responsibilities include strategy, architecture, solutions design, program coordination and execution, awareness, outreach, business management and reporting on information security program effectiveness. This position requires a seasoned self-starter with strong business acumen and a detailed working knowledge of information security technologies, practices, policies, and their application.

Essential Functions:

• Understand potential and emerging information security threats, vulnerabilities, and control techniques.
• Understands the trade-offs required to manage the different levels of risk appetite and risk exposure across varied organizations.
• Supports clients in evaluating cyber risks, assessing capabilities, prioritizing security and risk strategies, and communicating risk intelligence in a way that drives business decision-making.
• Supports the development, implementation and monitoring of a comprehensive enterprise information security, compliance and risk management programs.
• Often serves as a vital extension and member of the client’s leadership and/or technical team.

Education and Work Experience:

• Preferred – Bachelor’s degree in Computer Science, Information Systems, or other equivalent experience
• Preferred – Security and/or Audit certifications (CISSP, CISM, CISA, GSEC, CEH, OSCP, etc.)
• 5+ years of relevant work experience in corporate information security programs and applying information security, risk management and privacy practices.

Knowledge, Skills, and Abilities:

Functional

• Strong demonstrated knowledge of enterprise systems, cloud solutions and technologies.
• Experience with information disaster recovery planning and testing, auditing, risk analysis, business system resumption planning, and contingency planning.
• Excellent written and verbal communications skills with experience presenting to executives, auditors, and leadership teams with the ability to communicate security and risk-related concepts to technical and non-technical audiences.
• Very strong business analysis skills, problem solving techniques, and follow-up.
• A driver and implementer who possesses the poise and ability to act calmly and competently in high-pressure, high-stress situations.
• Experience with security frameworks, compliance, regulations and certifications, a plus.

Technical

• Knowledge of common regulatory, audit and compliance requirements (SOX, FERC, CMMC, SOC2, HIPAA)
• Excellent technical knowledge of mainstream operating systems and a wide range of security technologies, such as network security appliances, identity and access management (IAM) systems, anti-malware solutions, and automated incident response tools
• Strong knowledge of network infrastructure, including routers, switches, firewalls, and the associated network protocols and concepts

Physical Demands:

• Typical of work in a professional office environment.

Work Environment:

• Office work, with travel to client locations for meetings and implementations as needed
• Availability after hours as needed

Job Type: Full-time

Pay: $90,000.00 – $110,000.00 per year

Benefits:

• 401(k)
• 401(k) matching
• Dental insurance
• Health insurance
• Life insurance
• Paid time off
• Vision insurance

Schedule:

• 8 hour shift
• Monday to Friday

Ability to commute/relocate:

• Oklahoma City, OK 73112: Reliably commute or planning to relocate before starting work (Required)

Education:

• Bachelor’s (Preferred)

Experience:

• FDA regulations: 1 year (Preferred)
• Relevant corporate information security programs: 5 years (Preferred)

License/Certification:

• CISSP, CISM, CISA, GSEC, CEH, OSCP, etc. (Preferred)

Work Location: One location