6,010 Security Compliance jobs in the United States

Company Summary

EchoStar is reimagining the future of connectivity. Our business reach spans satellite television service, live-streaming and on-demand programming, smart home installation services, mobile plans and products.

Today, our brands include Boost Mobile, DISH TV, Gen Mobile, Hughes and Sling TV.

Department Summary

Our Technology teams challenge the status quo and reimagine capabilities across industries. Whether through research and development, technology innovation or solution engineering, our team members play a vital role in connecting consumers with the products and platforms of tomorrow.

Job Duties and Responsibilities

Candidates must be willing to participate in at least one in-person interview, which may include a live whiteboarding or technical assessment session.

Within the Governance Risk and Compliance (GRC) team we are seeking a Compliance Analyst that interpret regulatory requirements into actionable oversight and testing so that we are able to demonstrate the strength of our systems and controls. Experience in cybersecurity in areas such as PCI, CPNI, SOX and IT auditing would be great, but if you have skills aligned with these we’d still love to hear from you.

Key Responsibilities:

• Assist in preparing and executing annual PCI DSS assessments for Echostar businesses

• Designing and executing controls testing plans in conjunction with other members of the GRC team

• Work with other Information Security teams and the business in designing appropriate remediation plans and controls to improve management of cybersecurity risks

• Researching regulatory changes that may impact EchoStar, and managing our regulatory change process

• Support our obligations for regulatory filings, including PCI and CPNI.

• Collaborate with internal stakeholders to gather evidence and address compliance gaps

• Review and analyze technical documentation, including system configurations and security policies as part of assessing regulatory compliance

• Maintain accurate compliance records

#LI-JZ2

Skills, Experience and Requirements

Education and Experience:

• Bachelor's degree in Information Technology, Information Security, or a related field

• Minimum of 2 years of experience in a compliance or information security role, preferably with exposure to PCI DSS or CPNI requirements

Skills and Qualifications:

• Understanding of information security principles, risk management concepts, and regulatory compliance frameworks such as PCI DSS, NIST CSF, NYDFS, and CPNI

• Strong written and verbal communication skills, with the ability to interact effectively with technical and non-technical stakeholders

• Ability to work independently and as part of a team in a fast-paced environment

• Proficiency in Google Workspace helpful

• Relevant certifications such as PCI QSA, Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), or other security- or audit-related certifications are a plus

Visa sponsorship not available for this role

Salary Ranges

Compensation: $96,250.00/Year - $137,500.00/Year

Benefits

We offer versatile health perks, including flexible spending accounts, HSA, a 401(k) Plan with company match, ESPP, career opportunities, and a flexible time away plan; all benefits can be viewed here: DISH Benefits .

The base pay range shown is a guideline. Individual total compensation will vary based on factors such as qualifications, skill level, and competencies; compensation is based on the role's location and is subject to change based on work location.

Candidates need to successfully complete a pre-employment screen, which may include a drug test and DMV check. Our company is committed to fostering an inclusive and equitable workplace where every individual has the opportunity to succeed. We are dedicated to providing individuals with criminal or arrest records a fair chance of employment in accordance with local, state, and federal laws.

The posting will be active for a minimum of 3 days. The active posting will continue to extend by 3 days until the position is filled.

We pride ourselves on developing and promoting talent as an Equal Employment Opportunity Employer - Veteran/Disability. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or protected veteran status. All qualified applicants with arrest or conviction records will be considered for employment in accordance with local, state, and federal law. We are a true merit-based organization and work hard so there are no artificial barriers to one's potential success. DISH is committed to a workforce where everyone's opportunities are limitless. Please note that you may redact or remove any information that identifies age, date of birth or dates of school attendance/graduation from your application documents before submission and throughout our interview process.

Company Summary

EchoStar is reimagining the future of connectivity. Our business reach spans satellite television service, live-streaming and on-demand programming, smart home installation services, mobile plans and products.

Today, our brands include Boost Mobile, DISH TV, Gen Mobile, Hughes and Sling TV.

Department Summary

Our Technology teams challenge the status quo and reimagine capabilities across industries. Whether through research and development, technology innovation or solution engineering, our team members play a vital role in connecting consumers with the products and platforms of tomorrow.

Job Duties and Responsibilities

Candidates must be willing to participate in at least one in-person interview, which may include a live whiteboarding or technical assessment session.

Within the Governance Risk and Compliance (GRC) team we are seeking a Compliance Analyst that interpret regulatory requirements into actionable oversight and testing so that we are able to demonstrate the strength of our systems and controls. Experience in cybersecurity in areas such as PCI, CPNI, SOX and IT auditing would be great, but if you have skills aligned with these we’d still love to hear from you.

Key Responsibilities:

• Assist in preparing and executing annual PCI DSS assessments for Echostar businesses

• Designing and executing controls testing plans in conjunction with other members of the GRC team

• Work with other Information Security teams and the business in designing appropriate remediation plans and controls to improve management of cybersecurity risks

• Researching regulatory changes that may impact EchoStar, and managing our regulatory change process

• Support our obligations for regulatory filings, including PCI and CPNI.

• Collaborate with internal stakeholders to gather evidence and address compliance gaps

• Review and analyze technical documentation, including system configurations and security policies as part of assessing regulatory compliance

• Maintain accurate compliance records

#LI-JZ2

Skills, Experience and Requirements

Education and Experience:

• Bachelor's degree in Information Technology, Information Security, or a related field

• Minimum of 2 years of experience in a compliance or information security role, preferably with exposure to PCI DSS or CPNI requirements

Skills and Qualifications:

• Understanding of information security principles, risk management concepts, and regulatory compliance frameworks such as PCI DSS, NIST CSF, NYDFS, and CPNI

• Strong written and verbal communication skills, with the ability to interact effectively with technical and non-technical stakeholders

• Ability to work independently and as part of a team in a fast-paced environment

• Proficiency in Google Workspace helpful

• Relevant certifications such as PCI QSA, Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), or other security- or audit-related certifications are a plus

Visa sponsorship not available for this role

Salary Ranges

Compensation: $96,250.00/Year - $137,500.00/Year

Benefits

We offer versatile health perks, including flexible spending accounts, HSA, a 401(k) Plan with company match, ESPP, career opportunities, and a flexible time away plan; all benefits can be viewed here: DISH Benefits .

The base pay range shown is a guideline. Individual total compensation will vary based on factors such as qualifications, skill level, and competencies; compensation is based on the role's location and is subject to change based on work location.

Candidates need to successfully complete a pre-employment screen, which may include a drug test and DMV check. Our company is committed to fostering an inclusive and equitable workplace where every individual has the opportunity to succeed. We are dedicated to providing individuals with criminal or arrest records a fair chance of employment in accordance with local, state, and federal laws.

The posting will be active for a minimum of 3 days. The active posting will continue to extend by 3 days until the position is filled.

We pride ourselves on developing and promoting talent as an Equal Employment Opportunity Employer - Veteran/Disability. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or protected veteran status. All qualified applicants with arrest or conviction records will be considered for employment in accordance with local, state, and federal law. We are a true merit-based organization and work hard so there are no artificial barriers to one's potential success. DISH is committed to a workforce where everyone's opportunities are limitless. Please note that you may redact or remove any information that identifies age, date of birth or dates of school attendance/graduation from your application documents before submission and throughout our interview process.

• This role involves providing security consulting and assurance for assigned platforms, focusing on risk assessment, security vulnerability evaluations, and compliance.
• The role also involves overseeing interns and contractors, supporting advanced therapies projects, and tracking security metrics and reports.

• Performing risk calculators to identify high risk applications/projects; for those identified, performing application security questionnaires/assessments, identifying security gaps and appropriate remediation actions
• Support Pen Test executions for Key Advanced Therapies applications, identifying remediation plans for issues identified;
• Performing Incident trending to ensure security root causes are identified and remediated
• Evaluating static & dynamic vulnerabilities to identify TLM/ALM & other security issues along with the appropriate remediation actions.
• Large experience in SOX, IAPP, GxP, Privacy compliance requirements
• Provide local oversite for interns, employees/Contractors under my responsibility

• Providing a central point for SC security questions or queries on project support, connecting with the appropriate ISRM team member to ensure complete and accurate responses and/or appropriate involvement
• Navigating between all ISRM SC pillars to obtain knowledge regarding security issues
• Ensures appropriate controls are implemented for Car-T Applications and coordinates alignment with Internal Audit and IT Compliance
• Provide metrics and reports on a weekly basis tracking the entire portfolio, application assessment status, and Risk Acceptance status.

• Minimum of a Bachelor's degree in Information Security, Cybersecurity or equivalent.
• 5+ years of Information Security Compliance experience is required.
• Sox/Audit experience in pharmaceutical industry is require.
• Must have Cloud-based software controls OT and application security assessment experience.
• Excellent written and verbal communication skills is required.

EchoStar is reimagining the future of connectivity. Our business reach spans satellite television service, live-streaming and on-demand programming, smart home installation services, mobile plans and products.

Today, our brands include Boost Mobile, DISH TV, Gen Mobile, Hughes and Sling TV.

Our Technology teams challenge the status quo and reimagine capabilities across industries. Whether through research and development, technology innovation or solution engineering, our team members play a vital role in connecting consumers with the products and platforms of tomorrow.

Candidates must be willing to participate in at least one in-person interview, which may include a live whiteboarding or technical assessment session.

Within the Governance Risk and Compliance (GRC) team we are seeking a Compliance Analyst that interpret regulatory requirements into actionable oversight and testing so that we are able to demonstrate the strength of our systems and controls.  Experience in cybersecurity in areas such as PCI, CPNI, SOX and IT auditing would be great, but if you have skills aligned with these we’d still love to hear from you.

Key Responsibilities:

• Assist in preparing and executing annual PCI DSS assessments for Echostar businesses
• Designing and executing controls testing plans in conjunction with other members of the GRC team
• Work with other Information Security teams and the business in designing appropriate remediation plans and controls to improve management of cybersecurity risks
• Researching regulatory changes that may impact EchoStar, and managing our regulatory change process
• Support our obligations for regulatory filings, including PCI and CPNI.  
• Collaborate with internal stakeholders to gather evidence and address compliance gaps
• Review and analyze technical documentation, including system configurations and security policies as part of assessing regulatory compliance
• Maintain accurate compliance records

#LI-JZ2 

Education and Experience:

• Bachelor's degree in Information Technology, Information Security, or a related field
• Minimum of 2 years of experience in a compliance or information security role, preferably with exposure to PCI DSS or CPNI requirements 

Skills and Qualifications:

• Understanding of information security principles, risk management concepts, and regulatory compliance frameworks such as PCI DSS, NIST CSF, NYDFS, and CPNI
• Strong written and verbal communication skills, with the ability to interact effectively with technical and non-technical stakeholders
• Ability to work independently and as part of a team in a fast-paced environment
• Proficiency in Google Workspace helpful
• Relevant certifications such as PCI QSA, Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), or other security- or audit-related certifications are a plus

Visa sponsorship not available for this role

We offer versatile health perks, including flexible spending accounts, HSA, a 401(k) Plan with company match, ESPP, career opportunities, and a flexible time away plan; all benefits can be viewed here: DISH Benefits.

The base pay range shown is a guideline. Individual total compensation will vary based on factors such as qualifications, skill level, and competencies; compensation is based on the role's location and is subject to change based on work location. 

Candidates need to successfully complete a pre-employment screen, which may include a drug test and DMV check. Our company is committed to fostering an inclusive and equitable workplace where every individual has the opportunity to succeed. We are dedicated to providing individuals with criminal or arrest records a fair chance of employment in accordance with local, state, and federal laws.

The posting will be active for a minimum of 3 days. The active posting will continue to extend by 3 days until the position is filled.

EchoStar is reimagining the future of connectivity. Our business reach spans satellite television service, live-streaming and on-demand programming, smart home installation services, mobile plans and products.

Today, our brands include Boost Mobile, DISH TV, Gen Mobile, Hughes and Sling TV.

Our Technology teams challenge the status quo and reimagine capabilities across industries. Whether through research and development, technology innovation or solution engineering, our team members play a vital role in connecting consumers with the products and platforms of tomorrow.

Candidates must be willing to participate in at least one in-person interview, which may include a live whiteboarding or technical assessment session.

Within the Governance Risk and Compliance (GRC) team we are seeking a Compliance Analyst that interpret regulatory requirements into actionable oversight and testing so that we are able to demonstrate the strength of our systems and controls.  Experience in cybersecurity in areas such as PCI, CPNI, SOX and IT auditing would be great, but if you have skills aligned with these we’d still love to hear from you.

Key Responsibilities:

• Assist in preparing and executing annual PCI DSS assessments for Echostar businesses
• Designing and executing controls testing plans in conjunction with other members of the GRC team
• Work with other Information Security teams and the business in designing appropriate remediation plans and controls to improve management of cybersecurity risks
• Researching regulatory changes that may impact EchoStar, and managing our regulatory change process
• Support our obligations for regulatory filings, including PCI and CPNI.  
• Collaborate with internal stakeholders to gather evidence and address compliance gaps
• Review and analyze technical documentation, including system configurations and security policies as part of assessing regulatory compliance
• Maintain accurate compliance records

#LI-JZ2 

Education and Experience:

• Bachelor's degree in Information Technology, Information Security, or a related field
• Minimum of 2 years of experience in a compliance or information security role, preferably with exposure to PCI DSS or CPNI requirements 

Skills and Qualifications:

• Understanding of information security principles, risk management concepts, and regulatory compliance frameworks such as PCI DSS, NIST CSF, NYDFS, and CPNI
• Strong written and verbal communication skills, with the ability to interact effectively with technical and non-technical stakeholders
• Ability to work independently and as part of a team in a fast-paced environment
• Proficiency in Google Workspace helpful
• Relevant certifications such as PCI QSA, Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), or other security- or audit-related certifications are a plus

Visa sponsorship not available for this role

We offer versatile health perks, including flexible spending accounts, HSA, a 401(k) Plan with company match, ESPP, career opportunities, and a flexible time away plan; all benefits can be viewed here: DISH Benefits.

The base pay range shown is a guideline. Individual total compensation will vary based on factors such as qualifications, skill level, and competencies; compensation is based on the role's location and is subject to change based on work location. 

Candidates need to successfully complete a pre-employment screen, which may include a drug test and DMV check. Our company is committed to fostering an inclusive and equitable workplace where every individual has the opportunity to succeed. We are dedicated to providing individuals with criminal or arrest records a fair chance of employment in accordance with local, state, and federal laws.

The posting will be active for a minimum of 3 days. The active posting will continue to extend by 3 days until the position is filled.

About the job Information Security Compliance Specialist

Responsibilities:

• Conduct Security Assessment and Authorization (A&A) support for IT systems
• Conduct Security A&A documentation review
• Update IT Security Compliance SOPs
• Monitor and report on FISMA Compliance activities
• Conduct Plan of Action and Milestone (POA&M) management and quality control activities and ensure accuracy of the organization's Security A&A tool.
• Support Ongoing Authorization (OA) by review of the security controls

We're currently looking for an Information Security Compliance Analyst to join our team and play a critical
role in safeguarding our systems, data, and business operations. This role ensures adherence to relevant
regulatory, security and compliance standards, monitors compliance efforts, identifies areas for
improvements and supports internal and external audits. It also develops policies, translates technical
requirements into business-ready policies, and helps implement or coordinate necessary fixes.

Why Join Us?
• Comprehensive Benefits - Eligible to enroll in medical, dental, vision at affordable rates
• Supplemental Benefits - Eligible to enroll in life insurance, Short- & Long-Term Disability,
Critical Illness Insurance, Accident Insurance, Death and Dismemberment Insurance, and
Hospital Indemnity Insurance
• Retirement Savings - 401(k) with company match
• Paid Time Off - Holidays, sick time, vacation, and special "Happy Days" for life events
available day one
• Employee Discounts - Save on company products
• Career Growth - Opportunities for skill development and advancement

What You'll Do:
• Develop, maintain, and communicate IT security policies and procedures, including data
handling, access control, and incident response protocols
• Monitor adherence to security frameworks including NIST 800.171/53 (CMMC), ISO 27001,
TISAX, PCI-DSS, and other applicable standards
• Conduct risk assessments to identify vulnerabilities, threats, and evaluate the likelihood and
impact of potential risks
• Implement security controls such as firewalls, intrusion detection systems, and access control
mechanisms to protect systems and data
• Monitor and audit security compliance, ensuring all controls functions effectively meet
regulatory and internal policy standards, including onsite travel for physical observations
• Manage compliance-related issues by addressing and resolving identified violations or gaps
from audits or assessments
• Audit ongoing security awareness and compliance training given to employees to ensure
adherence to compliance needs
• Prepare for and participate in internal and external audits, ensuring the organization remains
compliant with industry standards and regulations
• Stay current on changes in security frameworks (CMMC, TISAX, PCI-DSS, etc.) and proactively
adjust policies and practices to align with evolving requirements
• Perform additional duties as assigned

What You Need:
• Strong knowledge of security policies, risk management, and IT compliance practices
• Familiarity with common security frameworks such as CMMC, TISAX, PCI-DSS, or similar
standards
• Familiarity with GRC (governance/risk/compliance) tools like Apptega or Archer
• Understanding of security controls, firewalls, intrusion detections systems, and access control
configurations
• Ability to work independently with minimal supervision while staying proactive
• Adaptability to perform effectively under pressure in a fast-paced, evolving environment
• Strong problem-solving skills with the ability to troubleshoot unique technical issues
• Professional demeanor with the ability to maintain a polished appearance
• Excellent verbal and written communication skills
• Strong commitment to maintaining confidentiality and data security
• Eagerness to stay current with emerging technologies and participate in ongoing training
• Associate degree in a related field or equivalent experience and certifications preferred
• Ability to lift, carry, or move up to 10 pounds regularly, and up to 25 pounds occasionally

PRO113

Nesco Resource offers a comprehensive benefits package for our associates, which includes a MEC (Minimum Essential Coverage) plan that encompasses Medical, Vision, Dental, 401K, and EAP (Employee Assistance Program) services.

Nesco Resource provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.

EchoStar is reimagining the future of connectivity. Our business reach spans satellite television service, live-streaming and on-demand programming, smart home installation services, mobile plans and products. Today, our brands include Boost Mobile, Compliance Analyst, Security, Compliance, Information, Analyst, Regulatory