9,263 Health Safety Security Environment jobs in the United States

Security Compliance Analyst
Job Number:

ECLARO is looking for a Security Compliance Analyst for our client in Remote, NY.

ECLARO's client is a major technology firm with a prominent presence in large and fast-growing markets, providing products and services that enable businesses and economies to thrive. If you're up to the challenge, then take a chance at this rewarding opportunity!

Responsibilities:

• Key duties encompass developing and enforcing security measures to safeguard computer systems, networks, and data.
• Will pinpoint, evaluate, and tackle security risks promptly.
• Additional responsibilities include orchestrating security assessments, devising risk management tactics, bolstering adherence to pertinent federal guidelines (like the Federal Information Security Management Act, National Institute of Standards and Technology standards (NIST), and offering technical assistance during audits and incident responses.

Required Skills:

• Crucial skills include comprehension of the NIST 800-53, the Risk Management Framework (RMF) process, familiarity with system security structures, and robust communication capabilities.
• Vulnerability compliance and remediation reporting - 3 years' experience.
• Maintain System Plan of Action and Milestones (POA&M) - 3 years' experience.
• Certified in industry recognized areas such as Security+.

Preferred Experience:

• NIST Risk Management Framework (RMF) - 3 or more years' experience.
• Governance, Risk, & Compliance (GRC) Applications (e.g. Xacta, Archer, CSAM, ServiceNow CAM, or eMASS) (exposure).
• Evaluate Plugin / Vulnerability Scan Tool Results - 3 years' experience.

If hired, you will enjoy the following ECLARO Benefits:

• 401k Retirement Savings Plan administered by Merrill Lynch
• Commuter Check Pretax Commuter Benefits
• Eligibility to purchase Medical, Dental & Vision Insurance through ECLARO

If interested, you may contact:
Lester Candilado


Lester Candilado | LinkedIn

Equal Opportunity Employer: ECLARO values diversity and does not discriminate based on Race, Color, Religion, Sex, Sexual Orientation, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status, in compliance with all applicable laws.

Job Title: Security & Compliance Manager

Location : Downton Boston, MA

Compensation: $137K + 15% Bonus and Full Benefits package day one

As we scale, we are strengthening our governance, risk, and compliance capabilities to protect our customers, data, and systems. We are seeking a Security & Compliance Manager to lead our compliance, risk management, and privacy initiatives while enabling teams across the organization to meet evolving regulatory requirements.

Youll work closely with our Infosec, IT, Legal, Operations, and Engineering teams to mature our compliance programs starting with CCPA readiness and maintaining PCI DSS SAQ Level 3 compliance while preparing for future frameworks such as SOC 2.

Youll serve as a trusted advisor to stakeholders, providing clear, actionable guidance on the risk, security, and compliance implications of product and business decisions. Your insights will help teams make informed choices that balance innovation with regulatory and security requirements.

This is a high-impact, cross-functional role where youll help define policies, select and implement a GRC platform, guide audits, and build scalable processes that make security and compliance part of our culture.

What you will do:

• Compliance Program Leadership Own and mature the companys compliance programs, including CCPA, PCI DSS, and emerging privacy/security regulations.

• Risk Management Identify, assess, and monitor risks; partner with stakeholders to ensure mitigations are implemented and effective.

• Advisory & Stakeholder Support Act as a subject matter expert for stakeholders across Product, Engineering, Legal, and Operations, providing guidance on the risk, privacy, and compliance consequences of product features, architecture decisions, and vendor selections.

• Privacy & Regulatory Alignment Implement and maintain privacy policies, data handling standards, and processes to meet CCPA and other applicable privacy laws.

• Cross-Functional Collaboration Partner with Infosec, IT, Legal, Operations, and Engineering to align compliance efforts with business goals.

• GRC Platform Implementation Select and roll out a governance, risk, and compliance platform to centralize policies, controls, and audit workflows.

• Policy & Process Development Draft, maintain, and communicate security and compliance policies, standards, and playbooks.

• Audit & Assessment Management Lead internal/external audits and vendor risk assessments; coordinate evidence collection and reporting.

• Training & Awareness Develop and deliver compliance and security awareness training to employees.

• Metrics & Reporting Track compliance KPIs and report progress to leadership.

What Were Looking For:

• 6+ years of experience in compliance, governance, or information security roles, with at least 3+ years in a management or lead capacity.

• Hands-on experience with privacy and security frameworks such as CCPA, PCI DSS, SOC 2, GDPR etc.

• Familiarity with compliance automation/GRC platforms (e.g., Drata, Vanta, OneTrust) and ticketing/documentation tools (e.g., Jira, Confluence, SharePoint).

• Strong understanding of cloud security concepts and how they intersect with compliance requirements.

• Proven track record of leading audits, vendor assessments, and regulatory readiness programs.

• Excellent communication and stakeholder management skills, with the ability to influence across functions.

• Self-starter with the ability to thrive in a fast-paced, scaling environment.

Why Youll Love Working Here:

• Join a diverse and passionate team in a flexible and innovative work environment.

• Contribute to the success of the world's leading car-sharing network.

• Your ideas and input will always be valuedwe encourage creativity and the use of new tools.

What tops off the tank:

• Rest & Relax! Flexible PTO and Sick time

• Save for Your Future! 401(k) with company match from day one of hire

• Benefits: Excellent, low-cost healthcare coverage including: medical, dental, vision, eligibility day one

• Drive a Flexcar! Discounted employee rate on Flexcar products and no annual membership fee

• Weekly Pay

• and other amazing perks!

We are fiercely disrupting the concept of automobile ownership

Flexcar is completely reimagining car ownership. We offer the worlds first month-to-month car lease, with insurance and maintenance included. Members can swap cars anytime as their needs change, without the commitment or hassle of traditional car ownership. By combining operational expertise with technology, data, and AI, were transforming every aspect of the customer journey and delivering a more affordable, flexible, and hassle-free alternative to buying or leasing.

Disclaimer:This job description may not be inclusive of all assigned duties, responsibilities, or aspects of the job described, and may be amended at anytime at the sole discretion of the Employer.

Flexcar is an Equal Opportunity Employer and prohibits discrimination and harassment of any kind. Flexcar provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.

Flexcar is an Equal Opportunity Employer and prohibits discrimination and harassment of any kind. Flexcar provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.

#J-18808-Ljbffr

At Instabase, we're passionate about democratizing access to cutting-edge AI innovation to enable any organization to solve previously unsolvable unstructured data problems in their industry. With customers representing some of the largest and most complex organizations in the world, and investors like Greylock, Andreessen Horowitz, and Index Ventures, our market opportunity is near infinite.

Instabase offers a consumption-based pricing model where customers can pay only for what they use, aligning directly with the value our products deliver. It empowers our clients to explore our AI Hub platform features extensively, enabling them to uncover crucial business insights. This customer-centric model allows Instabase to glean insights from diverse use cases and behaviors, ensuring we deliver top-tier solutions that provide unmatched advantages for everyday business operations.

With offices in San Francisco, New York, London and Bengaluru, Instabase is a truly global company. We are people-first , and we've built a fearlessly experimental, endlessly curious, customer obsessed team who work together and help organizations around the world turn their unstructured data into insights instantly.

As Security & Compliance Manager ,you'll be responsible for building and managing out our Security and GRC (Governance, Risk and Compliance) program, driving strategy and execution of Instabase security and compliance initiatives.

What you'll do

• Formulate and drive GRC roadmap, security policies, vendor security reviews and security training
• Initiate, own and lead new security & compliance programs and audits GDPR, SOC2, HIPAA and ISO 27001
• Establish and continuously improve standards, processes, tooling and procedures for audit and compliance management
• Collaborate and work cross-functionally across the company to deliver successful security compliance programs, partnering with Engineering, Product, GTM, Legal and HR teams
• Work with external auditors to achieve security compliance certifications and reports
• Regularly report on status, operational metrics and KPI's, providing transparency to company Leadership and internal stakeholder teams

About you

• Extensive experience in security compliance, successfully leading compliance projects, risk assessments and audits
• FedRAMP (NIST 800-53), GDPR, SOC2, HIPAA and ISO 27001 auditing and implementation experience
• Experience working with Engineering teams within the modern cloud / SaaS technology space
• Excellent written and verbal communication skills
• Nice to have's:
• Past experience at a Big Four consulting firm and/or reputable SaaS provider
• Engineering or Computer Science background

For US-based roles: The base salary range for this role is $195,000 to $205,000 + bonus, equity, and benefits. The actual pay may vary based on factors such as location, experience/skills, and level of impact the individual is expected to make at Instabase.

US Benefits:

• Flexible PTO : Because life is better when you actually live it!
• Instabreak Fridays : Enjoy 6 company-wide Friday breaks scheduled throughout the year, giving you long weekends to relax and recharge!
• Comprehensive Coverage : Top-notch medical, dental, and vision insurance.
• 401(k) with Matching : We've got your back for a secure future.
• Parental Leave & Fertility Benefits : Supporting you in growing your family, your way.
• Therapy Sessions Covered : Mental health matters- 10 free sessions through Samata Health.
• Wellness Stipend : For gym memberships, fitness tech, or whatever keeps you thriving.
• Lunch on Us : Enjoy a lunch credit when you're in the office.

#LI-Hybrid

Instabase is an Equal Opportunity Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. Research shows that in order to apply for a job, women feel they need to meet 100% of the criteria while men usually apply after meeting about 60%. Regardless of how you identify, if you believe you can do the job and are a good match, we encourage you to apply.

Security & Compliance Analyst

Location: This is a remote position open to candidates based in Atlanta, GA; Austin, TX; Burlington, VT; or Tallahassee, FL.

Reports to: Director, Information Security & Compliance

Salary range: $80,000 - $110,000

Who We Are

At Aptarro, we believe the best work happens when people feel valued, supported, and empowered to thrive! Our culture is grounded in our A.R.R.O.W core values, which guide everything we do and keep us moving forward - together.
• Agile Mindset - We adapt and pivot with purpose.
• Relentless Resourcefulness - We find solutions, no matter the challenge.
• Raise Your Hand - We step up, own it, and contribute.
• Only What Matters - We simplify and focus on what drives impact.
• We Do Hard Things Together - We solve tough problems as a team.

We help healthcare providers get paid accurately and on time-without getting stuck in the complexity of billing, coding, and compliance. Our Revenue Cycle Management (RCM) solutions reduce denials, ensure compliance, and integrate seamlessly with EHRs, practice management, and hospital information systems-so providers can focus on what matters most: patient care.

We help our customers make right easy-every day.

What You'll Do

The Security & Compliance Analyst plays a key role in supporting Aptarro's security and compliance programs. You will help maintain audit readiness, ensure documentation is accurate and up to date, and provide critical support for certifications and vendor reviews. Working under the guidance of the Director of Information Security & Compliance, you'll contribute to safeguarding sensitive data and ensuring Aptarro meets healthcare and SaaS compliance standards.

This role is well-suited for someone detail-oriented who enjoys documentation, process, and learning about information security in a healthcare SaaS environment. You'll work with cross-functional teams to help keep Aptarro audit-ready and aligned with industry standards.

In this role, you will:

• Support certification and accreditation programs (HITRUST, SOC 2, HIPAA, FedRAMP, ISO 27001) by preparing documentation, gathering evidence, and coordinating with assessors
• Assist in maintaining policies, procedures, and security program documentation
• Perform compliance checks such as access reviews, control testing, and mock audit exercises
• Track and update risk registers, training records, and compliance dashboards
• Help coordinate vendor risk assessments and review security questionnaires
• Research regulatory updates and summarize impacts for leadership
• Provide logistical and administrative support during audits, assessments, and internal reviews
• Contribute to compliance training rollout and awareness campaigns across the company

What You Bring

• Bachelor's degree in Information Systems, Business, or a related field; or equivalent practical experience
• 1-3 years of experience in compliance, information security, IT risk, or a related discipline
• Familiarity with HIPAA, HITRUST, SOC 2, or ISO 27001 (through coursework, exposure, or hands-on support)
• Strong skills in documentation, organization, and attention to detail
• Effective written and verbal communication skills, including the ability to clearly summarize compliance findings
• Proficiency with Microsoft Office, project tracking, or GRC tools
• Certifications such as CISA or CompTIA Security+ are a plus

What We Offer

• Competitive salary and benefits package (health, dental, and vision)
• Remote/hybrid flexibility
• Generous PTO and wellness benefits
• Opportunities for training, certifications, and professional growth
• A mission-driven culture where security and compliance are central to enabling healthcare innovation

Job Description

Are you ready to make an impact at DTCC?

Do you want to work on innovative projects, collaborate with a dynamic and supportive team, and receive investment in your professional development? At DTCC, we are at the forefront of innovation in the financial markets. We are committed to helping our employees grow and succeed. We believe that you have the skills and drive to make a real impact. We foster a thriving internal community and are committed to creating a workplace that looks like the world that we serve.

Pay and Benefits:

• Competitive compensation, including base pay and annual incentive
• Comprehensive health and life insurance and well-being benefits, based on location
• Pension / Retirement benefits
• Paid Time Off and Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.
• DTCC offers a flexible/hybrid model of 3 days onsite and 2 days remote (onsite Tuesdays, Wednesdays and a third day unique to each team or employee).

The Impact you will have in this role:

Being a member of IT Cybersecurity & Platform Strategy team, the purpose of Cloud Security Engineering team is to provide best in class and versatile cloud security services to the enterprise securing the workloads, application and data in AWS, Azure and GCP. This position is for a Cloud Security Manager. This position is passionate about building, mentoring and leading a highly motivated cloud security team.

You will be an experienced Cybersecurity Compliance Manager to lead our compliance initiatives and manage a team of 3 cybersecurity engineers. You will ensure our security controls align with regulatory requirements (e.g., GLBA, NYDFS, SOX, FFIEC, GDPR), industry standards (e.g., NIST, ISO 27001, PCI-DSS), and internal policies. This role blends technical oversight, regulatory expertise, and team leadership.

Your Primary Responsibilities:

• Develop, implement, and maintain the cybersecurity compliance roadmap.
• help service owners with remediation of findings and supervise action plans to closure.
• Maintain policies, standards, and procedures aligned with FFIEC, GLBA, NYDFS, etc.
• Lead, mentor, and develop 3 cybersecurity engineers focused on compliance tooling and control implementation.
• Prioritize workload, conduct performance reviews, and foster collaboration.
• Bridge technical execution (engineers) and strategic compliance goals.
• Design and monitor security controls to meet compliance requirements.
• Oversee vendor security reviews and third-party risk management.
• Serve as primary point of contact for compliance metrics.
• Help prepare and present compliance reports to senior management and committees.
• Stay current on evolving regulations (SEC, FINRA, CFPB), threats, and frameworks.
• Automate compliance monitoring and reporting using GRC tools.
• Drive initiatives to improve security posture and reduce compliance risk.

**NOTE: The Primary Responsibilities of this role are not limited to the details above. **

Qualifications:

• Bachelor's degree and/or equivalent experience with 8+ years of industry experience Cybersecurity, IT, Risk Management, Governance or related field.
• 5+ years in cybersecurity compliance, risk, or audit within financial services (banking, fintech, brokerage, etc.).
• 2+ years directly leading technical teams.

Talents Needed for Success:

• Proven expertise with GLBA, NYDFS, FFIEC, SOX, PCI-DSS, and NIST CSF/800-53.
• Experience with GRC tools (e.g., RSA Archer, MetricStream, ServiceNow, Qualys).
• Understanding of security controls (IAM, encryption, SIEM, vulnerability management).
• Proficiency in audit management and regulatory reporting.
• Strong leadership, communication, and stakeholder management abilities.

Preferred:

• Experience with cloud compliance (AWS/Azure/GCP) in regulated environments.
• Knowledge of data privacy laws (GDPR, CCPA).
• Certifications - CISSP, CISM, CRISC, CISA, or similar.

The salary range is indicative for roles at the same level within DTCC across all US locations. Actual salary is determined based on the role, location, individual experience, skills, and other considerations. We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

About Us

With over 50 years of experience, DTCC is the premier post-trade market infrastructure for the global financial services industry. From 20 locations around the world, DTCC, through its subsidiaries, automates, centralizes, and standardizes the processing of financial transactions, mitigating risk, increasing transparency, enhancing performance and driving efficiency for thousands of broker/dealers, custodian banks and asset managers. Industry owned and governed, the firm innovates purposefully, simplifying the complexities of clearing, settlement, asset servicing, transaction processing, trade reporting and data services across asset classes, bringing enhanced resilience and soundness to existing financial markets while advancing the digital asset ecosystem. In 2024, DTCC's subsidiaries processed securities transactions valued at U.S. $3.7 quadrillion and its depository subsidiary provided custody and asset servicing for securities issues from over 150 countries and territories valued at U.S. $99 trillion. DTCC's Global Trade Repository service, through locally registered, licensed, or approved trade repositories, processes more than 25 billion messages annually. To learn more, please visit us at or connect with us on LinkedIn, X, YouTube, Facebook and Instagram.

DTCC proudly supports Flexible Work Arrangements favoring openness and gives people freedom to do their jobs well, by encouraging diverse opinions and emphasizing teamwork. When you join our team, you'll have an opportunity to make meaningful contributions at a company that is recognized as a thought leader in both the financial services and technology industries. A DTCC career is more than a good way to earn a living. It's the chance to make a difference at a company that's truly one of a kind.

Learn more about Clearance and Settlement by clicking here.

About the Team

Enterprise Product & Platform Engineering transforms the way we deliver infrastructure to our business clients. A key construct of EP&PE will be the evolution of the IT Product Manager, who will partner with the Engineering organization, the Business Aligned Service Delivery organization, the DevSecOps organization as well as our operational support teams to ensure that this organization provides high quality, commercially attractive and timely solutions to support our business strategy.

Job Title: Security & Compliance Manager

Location : Downton Boston, MA

Compensation: $137K + 15% Bonus and Full Benefits package day one

As we scale, we are strengthening our governance, risk, and compliance capabilities to protect our customers, data, and systems. We are seeking a Security & Compliance Manager to lead our compliance, risk management, and privacy initiatives while enabling teams across the organization to meet evolving regulatory requirements.

You'll work closely with our Infosec, IT, Legal, Operations, and Engineering teams to mature our compliance programs - starting with CCPA readiness and maintaining PCI DSS SAQ Level 3 compliance - while preparing for future frameworks such as SOC 2.

You'll serve as a trusted advisor to stakeholders, providing clear, actionable guidance on the risk, security, and compliance implications of product and business decisions. Your insights will help teams make informed choices that balance innovation with regulatory and security requirements.

This is a high-impact, cross-functional role where you'll help define policies, select and implement a GRC platform, guide audits, and build scalable processes that make security and compliance part of our culture.

What you will do:

• Compliance Program Leadership - Own and mature the company's compliance programs, including CCPA, PCI DSS, and emerging privacy/security regulations.

• Risk Management - Identify, assess, and monitor risks; partner with stakeholders to ensure mitigations are implemented and effective.

• Advisory & Stakeholder Support - Act as a subject matter expert for stakeholders across Product, Engineering, Legal, and Operations, providing guidance on the risk, privacy, and compliance consequences of product features, architecture decisions, and vendor selections.

• Privacy & Regulatory Alignment - Implement and maintain privacy policies, data handling standards, and processes to meet CCPA and other applicable privacy laws.

• Cross-Functional Collaboration - Partner with Infosec, IT, Legal, Operations, and Engineering to align compliance efforts with business goals.

• GRC Platform Implementation - Select and roll out a governance, risk, and compliance platform to centralize policies, controls, and audit workflows.

• Policy & Process Development - Draft, maintain, and communicate security and compliance policies, standards, and playbooks.

• Audit & Assessment Management - Lead internal/external audits and vendor risk assessments; coordinate evidence collection and reporting.

• Training & Awareness - Develop and deliver compliance and security awareness training to employees.

• Metrics & Reporting - Track compliance KPIs and report progress to leadership.

What We're Looking For:

• 6+ years of experience in compliance, governance, or information security roles, with at least 3+ years in a management or lead capacity.

• Hands-on experience with privacy and security frameworks such as CCPA, PCI DSS, SOC 2, GDPR etc.

• Familiarity with compliance automation/GRC platforms (e.g., Drata, Vanta, OneTrust) and ticketing/documentation tools (e.g., Jira, Confluence, SharePoint).

• Strong understanding of cloud security concepts and how they intersect with compliance requirements.

• Proven track record of leading audits, vendor assessments, and regulatory readiness programs.

• Excellent communication and stakeholder management skills, with the ability to influence across functions.

• Self-starter with the ability to thrive in a fast-paced, scaling environment.

Why You'll Love Working Here:

• Join a diverse and passionate team in a flexible and innovative work environment.

• Contribute to the success of the world's leading car-sharing network.

• Your ideas and input will always be valued-we encourage creativity and the use of new tools.

What tops off the tank:

• Rest & Relax! Flexible PTO and Sick time

• Save for Your Future! 401(k) with company match from day one of hire

• Benefits: Excellent, low-cost healthcare coverage including: medical, dental, vision, eligibility day one

• Drive a Flexcar! Discounted employee rate on Flexcar products and no annual membership fee

• Weekly Pay

• and other amazing perks!

We are fiercely disrupting the concept of automobile ownership

Flexcar is completely reimagining car ownership. We offer the world's first month-to-month car lease, with insurance and maintenance included. Members can swap cars anytime as their needs change, without the commitment or hassle of traditional car ownership. By combining operational expertise with technology, data, and AI, we're transforming every aspect of the customer journey and delivering a more affordable, flexible, and hassle-free alternative to buying or leasing.

Disclaimer: This job description may not be inclusive of all assigned duties, responsibilities, or aspects of the job described, and may be amended at anytime at the sole discretion of the Employer.

Flexcar is an Equal Opportunity Employer and prohibits discrimination and harassment of any kind. Flexcar provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.

Flexcar is an Equal Opportunity Employer and prohibits discrimination and harassment of any kind. Flexcar provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.

Title: Security Compliance Analyst
Location: Pleasanton, CA; Vacaville, CA
Duration; 12 months with possible extension

Job summary.
Key Responsibilities:
Develop and maintain security policies and standards based on security frameworks and industry standards including the identification of risk rating for each security control
Provide in depth security knowledge and consultation when analyzing security risks (e.g., analyzing security related reports; evaluating security risks; and making recommendations)
Conduct the most complex Risk Assessments (RAs)
Develop/maintain procedures (e.g., RA/BRD/TDD/security defects)
Perform analysis on the most complex Security Incident Response (SIR) tickets as needed
Act as Lead/Co-Lead/Backup on assigned Information Security projects
Train/mentor new/existing security team members on RAs/BRDs/TDDs/security defects (e.g., identify applicable security risks and mitigating controls; review for adherence to the System Engineering Handbook/Security Policies & Standards)
Attend meetings/Represent Information Security for all security matters

Basic Qualifications:
5+ years of information technology experience, including two (2) years of lead/management experience performing a variety of progressively responsible technical and analytical work.
Extensive knowledge of and proven experience with information technology systems and methods of developing, testing and moving solutions to implementation.
Self-motivated self-starters/proactive, working closely and actively communicating with team members to accomplish time critical tasks and deliverables.
Work collaboratively with other support team members and independently on assigned tasks and deliverables with minimum supervision.

Preferred Qualifications:
Working experience in a highly regulated environment and managing information risks and expectations across multiple stakeholder groups
Working experience of security, policy compliance, and governance frameworks including the NIST-800 series, PCI, ISO 27001/27001, ITIL, and COBIT
Think creatively and critically, analyzing complex problems, weighing multiple solutions, and carefully selecting solutions appropriate to the business needs, project scope, and available resources
CISSP and CCFP or equivalent certification desired (e.g., CCE, CHFI). Other highly desirable security certifications may be substituted for CISSP (e.g., CISA, CISM, etc.)
Experience with LAN WAN, Internet, Proxy/Filtering, Firewall, VPN, DMZ and network protocols like TCP/IP, SNMP, SMTP, NTP, DNS, LDAP, NFS, SAMBA, etc.

Salary: $6,554.00 Monthly
Location : BCIT - 126 East Nueva San Antonio, TX
Job Type: Full-time Regular
Job Number:
Department: Information Technology
Opening Date: 09/18/2025
Closing Date: Continuous

Summary
Under general supervision, is responsible for supporting Bexar County Information Technology team; will support the mission of the County, ensuring successful delivery of IT services as defined in the duties and responsibilities. This position will represent the County in a professional and effective manner and establish and maintain effective working relationships with co-workers, County employees, Elected/Appointed Officials, outside organizations and agencies, vendors and the general public. Flexibility to achieve performance excellence in a telework arrangement.
This position is Excluded from Civil Service

Duties and Responsibilities

• Serves as subject matter expert, individually motivated and operating with a sense of urgency and personal accountability
• Understands industry and regulatory IT security requirements to ensure compliance
• Develops IT security processes and procedures that support adopted security frameworks and align with regulatory requirements
• Develops, communicates, implements, enforces, and monitors security controls to protect the organization's technology assets
• Develops security awareness training program content and guidelines, and ensures enterprise compliance with training and competency assessments
• Conducts internal risk audits and assessments, providing recommendations for improvement
• Coordinates with external vendors and other entities to conduct IT security assessments and audits
• Manages projects/processes, works independently with limited supervision
• Performs related duties as required

Minimum Qualifications

• Graduation from an accredited college or university with a Bachelor Degree in Business, Computer Science or a closely related field, and five (5) to seven (7) years of experience; or an equivalent combination of education and experience
• Experience in enterprise IT security policy and procedure development; experience in developing IT security awareness training and compliance program; experience conducting internal IT security audits and ensuring adherence to policies and procedures
• Knowledge of IT security best practice standards and regulatory requirements for compliance
• Ability to effectively communicate complex ideas in a clear and concise manner across functional and technical departments, both verbally and in writing; ability to establish and maintain effective working relationships with co-workers, stakeholders, County employees, Elected/Appointed Officials, outside organizations and agencies, vendors and the general public
• Demonstrates technological intuitiveness
• Must secure and maintain a favorable background investigation and clearance
• Must clear a pre-employment physical and a pre-employment drug screen test
• Required to travel to remote sites within Bexar County
• Must have and maintain a valid Texas driver's license, motor vehicle liability insurance and personal injury insurance, and; must have available transportation during entire workday
• May be required to work more than 40 hours during the workweek
• May be required to work weekends
• This position may need to satisfy the requirement of completing and passing an assessment during the employment process

Working Environment and Physical Demands:

• Constantly working in indoor / telework conditions
• Frequently moves items weighing up to 10-15 pounds
• Occasionally moves objects weighing up to 50 pounds
• Occasionally move about the office / telework office
• Frequently communicates with others using approved technological resources; must be able to exchange accurate information through designated systems within a timely manner
• Constantly operates a computer and other office productivity machinery
• Positions self to perform essential functions of the job in an office / telework environment
• Must be able to remain in a stationary position
• Flexibility to achieve performance excellence in a telework arrangement
• Maintains County-issued equipment, software, data and supplies

Supplemental Information
Workstations with internet access are available, if needed, to view job postings and apply online at 211 S Flores, San Antonio, TX 78204, 8am - 5pm, Monday through Friday. Phone: .

EQUAL OPPORTUNITY EMPLOYER

Bexar County is an Equal Opportunity Employer and committed to Workplace Diversity.
We are committed to providing equal opportunity for protected veterans and individuals with disabilities.
Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
For more detailed information, please click on the following link to view Benefits offered by Bexar County:
NOTE : Part-Time and Temporary positions are not eligible for Bexar County Benefits.
01

Which best describes your highest level of education completed?

• High School Diploma or G.E.D
• Associates Degree
• Bachelor's Degree
• Master's Degree
• None

02

Which best describes the area of concentration of your highest level of education completed?

• Business
• Computer Science
• Other
• None

03

Which best describes your years of experience in Information Technology?

• No Experience
• 1 Year Experience
• 2 Years Experience
• 3 Years Experience
• 4 Years Experience
• 5 Years Experience
• 6 Years Experience
• 7 or more Years

04

Are you able to demonstrate technological intuitiveness?

• Yes
• No

05

Are you able to secure and maintain a favorable background investigation and clearance?

• Yes
• No

06

Are you able to clear a pre-employment physical and a pre-employment drug screen test?

• Yes
• No

07

Do you acknowledge you may be required to travel to remote sites within Bexar County?

• Yes
• No

08

Do you acknowledge you must have and maintain a valid Texas driver's license, motor vehicle liability insurance and personal injury insurance, and; must have available transportation during entire workday?

• Yes
• No

09

Are you able to work more than 40 hours during the work week?

• Yes
• No

10

Are you able to work weekends?

• Yes
• No

11

Do you acknowledge that this position may need to satisfy the requirement of completing and passing an assessment during the employment process?

• Yes
• No

Required Question

Job Description

IT Security & Compliance Manager

Location: Dallas, Hybrid
Type: Direct Hire

JOB RESPONSIBILITIES

• Develop, implement, and maintain compliance programs to ensure adherence to all applicable laws, regulations, and industry standards.
• Monitor changes in legislation and regulatory environments, providing guidance and updates to senior management.
• Conduct regular audits and assessments to evaluate compliance effectiveness and identify areas for improvement.
• Compliance investigations, action plans and overseeing compliance training.
• Main point-of-contact for company compliance.
• Lead and manage the PCI audit process, ensuring all necessary documentation and controls are in place.
• Lead the development and implementation of security policies and procedures to safeguard company assets and sensitive information.
• Familiar with personally implementing and maintaining technology surrounding security and compliance, including WAFs, VPNs, SAST, and DAST. Collaborate with IT, engineering, HR, and other departments to ensure cyber security measures are in place and implemented as a part of our regular business project planning.
• Oversee incident response planning and coordinate responses to security breaches or vulnerabilities.
• Identify, assess, and prioritize risks across the organization, developing risk mitigation strategies.
• Facilitate risk assessments and develop reports to communicate findings and recommendations to senior leadership.
• Foster a risk-aware culture by providing training and resources to employees on risk management best practices.
• Work closely with cross-functional teams to ensure compliance and risk management initiatives align with business objectives.
• Prepare and present regular reports on compliance, security, and risk management activities to the executive team and board of directors.
• Serve as the primary point of contact for regulatory agencies and external auditors. Respond to requests from external auditors for security audit questionnaires. Perform new vendor security reviews as requested.
• Provide training and guidance to staff on security and compliance best practices.
• Performs other related duties as assigned.

EDUCATION / CERTIFICATIONS & LICENSE REQUIREMENTS

• Bachelor's degree from a college or university with a major in Accounting, Computer Science, or a related field.
• Any one or multiples of the following are preferred but not required: MS cybersecurity architect Expert, CMMC Assessor (CCA), CMMC Professional (CCP).

PROFESSIONAL / TECHNICAL EXPERIENCE

• Minimum 5 years of relevant professional industry or experience in PCI management is required.