5,932 Security Compliance jobs in the United States

Ocean Spray is hiring for a(n) Information Security Compliance Analyst! We're a team of farmers, thinkers, creators, and doers. Whatever your title, whatever your role - it always comes back to this: we're a farmer-owned co-op where everyone rolls up their sleeves to get the job done. Three maverick farmers started it all - and we've been making our own way ever since.

Position Location: We're all about flexibility. This will be a remote role based out of our corporate headquarters in Lakeville, MA. We are open to remote candidates.

A Day in the Life.

• Support the development and maintenance of security policies, standards, and procedures
• Conduct risk assessments and compliance reviews across systems and vendors
• Assist with internal and external audits, including evidence collection and remediation tracking
• Monitor and report on compliance with frameworks such as ISO 27001, NIST, GDPR, and CCPA
• Manage third-party risk assessments and vendor security reviews
• Collaborate with IT and business units to ensure security controls are implemented effectively
• Maintain documentation and dashboards for compliance metrics and reporting

What We Are Looking For:

• Bachelor's degree in Information Security, Computer Science, or related field
• 2-4 years of experience in information security, compliance, or GRC
• Familiarity with SAP GRC, cloud platforms (AWS, Azure), and security frameworks
• Strong understanding of regulatory requirements (GDPR, CCPA, SOX)
• Excellent communication and documentation skills
• Certifications such as CISA, CRISC, or Security+ are a plus

Education:

Work Experience:

Annual Salary:

The base salary range information above serves as a guideline of the position's typical hiring range.We value and appreciate what makes you unique and will consider a variety of factors when determining an offer.These factors include, but are not limited to, your skills and experience, external and internal benchmarks, as well as overall company considerations.Certain positions may be eligible for short-term and long- term incentive rewards. We also offer a competitive and comprehensive benefits program that supports all aspects of your health and well-being.

Benefits:

• Complete insurance package on Day-1 that includes a plethora of health and wellness programs
  • Health, Dental and Vision insurance
  • Health savings account
  • Flexible spending account
  • Life and accident insurance
  • Employee assistance program
  • Telehealth services
  • Fertility benefits
  • Transgender benefits
  • 1:1 health coaching and more
• 401(k) with up to 6% Company matching; additional potential discretionary match at year-end
• Short-Term Incentive/Performance bonuses
• Flexible scheduling options
• Vacation pay, up to three weeks of time (pro-rated for your first year of employment)
• Holiday pay for 12 holidays
• Career development and growth opportunities
• Tuition/Education assistance programs
• Access to LinkedIn Learning
• Scholarship programs for children of employees
• Parental leave
• Bright Horizons Family Solutions - Back-up care, tutoring, etc.
• Adoption assistance
• Bereavement leave
• Up to 300 fitness reimbursement
• Up to 300 massage reimbursement
• Employee appreciation events
• Employee discounts
• Charitable giving

Who We Are:

You might have our iconic cranberry juice in your fridge or have gotten into heated holiday debate about what's better - canned or fresh cranberry sauce. But did you know that the hardworking people growing the superfruit in our products are 700 family farmers that own our cooperative? They entrust us with what is most precious to them to create new and innovative products that will delight consumers and grow this beloved brand today and into the future.

Team members, farmers, consumers and communities alike--we value what makes us unique and strive to connect our farms to families for a better life by living our values:

• G rower Mindset - We embrace our grower-owners innovative spirit and heritage through confidence, learning and focus on the future.
• Sustainable R esults - Guided by purpose, we are focused on delivering results for our grower-owners.
• I ntegrity Above All - We are ethical, doing the right thing for our grower-owners, customers, consumers and each other
• Inclusive T eamwork - We build diverse and inclusive teams that strengthen our cooperative.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status.

Arcosa, Inc. is seeking an Information Security & Compliance Analyst in our Dallas, TX headquarters. Reporting to the Senior Director of Cyber Security and Compliance, the Information Security Compliance Analyst will assist with the coordination and completion of government, regulatory, and compliance documents for Information Technology.

This position will develop and maintain standards, processes, and procedures to assess, monitor, report, escalate, and manage remediation of IT control and compliance related issues. They will work collaboratively with internal audit and technical teams in the design and implementation of IT controls. This role will also generate reports and/or metrics that help track compliance issues identified through the Security & Compliance Assessment process.

Arcosa, Inc. (NYSE: ACA) is a growth-oriented, publicly traded manufacturer and producer of infrastructure-related products and services. The company has businesses with leading positions in construction, energy, and transportation markets.

Responsibilities:

• Documenting, implementing, and assessing policies, processes, and procedures specific to IT compliance for ICFR regulations.
• Actively serves as primary point of contact for internal and external audits and provides IT management direction as to how to remediate pertinent action items.
• Partner with IT control owners in implementing and validating controls for Access Management, Release Management, Change Management and Vendor Management processes to ensure compliance with the IT Frameworks.
• Coordinate with control owners to ensure active management /monitoring of controls are operating effectively and timely.
• Manage annual IT testing for internal and external audits, risk assessments, and regulatory, legal and policy compliance collaborating with our external auditors.
• Assist with the requirements and achievement of appropriate certification programs surrounding information security.
• Facilitate user access reviews, exposure analysis and ensure respective remediation is performed in a timely manner.
• Advise and partner with IT teams on how to effectively comply with IT standards to proactively mitigate risks
• Provide guidance and ensure compliance with any applicable information security standards and regulations for employees, partners, and other third parties.
• Monitor, track and report status of security tasks and open remediation items.
• Manage Data Protection Program and ensure access to sensitive data is appropriately authorized.
• Evaluate control effectiveness of internal and external risk assessments.
• Develop procedures to support security related activities.
• Manage Third Party Risk Management program and ensure third party security risks are measured and monitored.
• Additional responsibilities as needed.

Requirements:

• Bachelor's degree in Business Administration, Accounting, Information Systems or related field preferred
• 7 plus years of experience in IT audit with information security background
• Demonstrated experience maintaining and updating policies and procedures
• Demonstrated knowledge of information security standards and methodologies with general understanding of security processes, tools and latest technologies
• Knowledge of PCI, SOC1 and 2, ISO, COBIT, SOX GCC, ITIL, HIPPA, Privacy Acts, and other IT compliance frameworks
  CISA or CIA certified candidates preferred
• Advance knowledge in Information Security Technologies
• Strong verbal and written communication skills
• Ability to work with minimal supervision, balancing a mix of resources, due dates and requirements.
• Detail-oriented with strong adaptability and capacity to work in fast-paced environments

:

:

Equal Opportunity Employer
This employer is required to notify all applicants of their rights pursuant to federal employment laws.For further information, please review the Know Your Rights notice from the Department of Labor.

• Lead client and vendor security assessments, including third-party reviews, risk assessments, and questionnaire responses.
• Build and manage workflows for vendor assessments and due diligence.
• Oversee compliance audits (SOC2, PCI, ISO27001, TruSight), including evidence collection and process optimization.
• Support the Information Systems Incident Response Team (ISIRT) during security events.
• Assist in developing requirements for security tools and operational procedures.
• Evaluate and recommend emerging security technologies and products.
• Provide off-hours support on a rotating and as-needed basis.
• Coordinate with external suppliers to resolve security incidents.

• Administer and monitor various security tools to ensure optimal performance and coverage.

• Conduct quarterly audits of systems in scope for compliance.
• Maintain incident logs and ensure readiness for ISO27001 certification.
• Investigate and remediate Microsoft Security alerts.

• Collaborate with Legal to support privacy regulations and ensure compliance with GDPR and other frameworks.

• Develop and implement Data Loss Prevention (DLP) rules for sensitive document handling.
• Enhance Insider Threat Protection capabilities.
• Maintain and update InfoSec policies and procedures.
• Provide organization-wide coaching and mentorship on security policies.
• Ensure regulatory and compliance requirements are consistently met.
• Establish and maintain a security framework and auditing process.
• Manage security questionnaires and third-party data security risk assessments.
• Analyze and investigate security anomalies using platform reports, logs, and alerts.

• Bachelor's degree in computer science, information technology, or equivalent experience.
• Eight or more years' experience in information technology support with at least five years of experience in system administration and system design.
• Security certification such as CISSP, CISA, or CISM are required. Technical certifications in Cisco and Microsoft products is preferred.
• Excellent communication and documentation skills.
• Strong experience with ISO27001, SOC 2, PCI DSS 4.x, GDPR, and other regulatory frameworks and privacy regulations.
• Ability to demonstrate ownership of systems and drive the technology forward to the goals of the company. Direct involvement in the annual planning and budgeting process for Information Technology.
• Strong communication skills and the ability to interact with other systems personnel in a team environment.
• Ability to maintain confidentiality pertaining to nonpublic business, financial, personnel, salary, and technological information, plans or data.
• Ability to think analytically to solve technical problems individually and in a team environment.
• Ability to effectively plan, schedule and coordinate projects and meet deadlines, managing multiple project concurrently.
• Ability to analyze and communicate technology performance results. Specific experience working with our current primary technology and software preferred.
• Ability to listen, understand and respond to external and internal customers' needs in a timely manner; customer service experience in a service-related industry preferred.
• Ability to work the time necessary to complete projects and/or meet deadlines.

• Develop, implement, and manage information security compliance programs aligned with industry best practices and regulatory requirements.
• Conduct regular internal audits and assessments to evaluate the effectiveness of security controls and identify areas for improvement.
• Assist with external audits and regulatory examinations, coordinating with internal teams and external auditors.
• Develop and maintain security policies, standards, and procedures to ensure compliance and protect sensitive data.
• Manage and track remediation efforts for identified compliance gaps and vulnerabilities.
• Stay current with evolving security regulations, standards, and threat landscapes, and update compliance programs accordingly.
• Develop and deliver security awareness training programs focused on compliance requirements.
• Perform third-party risk assessments to evaluate the security posture of vendors and partners.
• Collaborate with legal, IT, and business units to ensure a consistent approach to information security compliance.
• Maintain comprehensive documentation of compliance activities, audits, and risk assessments.

• Bachelor's degree in Information Technology, Cybersecurity, Law, or a related field.
• 3-5 years of experience in information security, compliance, or risk management.
• Solid understanding of major compliance frameworks such as GDPR, HIPAA, PCI DSS, ISO 27001, and SOC 2.
• Experience conducting security audits, risk assessments, and developing remediation plans.
• Familiarity with security technologies and controls.
• Excellent analytical, problem-solving, and documentation skills.
• Strong communication and interpersonal skills, with the ability to explain complex compliance requirements.
• Ability to work independently and manage multiple priorities in a remote setting.
• Relevant certifications such as CIPP, CRISC, or CISSP are a plus.
• High level of integrity and attention to detail.

• Develop and implement comprehensive information security compliance programs aligned with relevant regulations (e.g., GDPR, CCPA, HIPAA, PCI DSS).
• Conduct regular internal audits and assessments to ensure adherence to security policies and procedures.
• Manage external audits and assessments, serving as the primary point of contact for auditors.
• Identify compliance gaps and develop remediation plans to address identified risks.
• Stay current with evolving regulatory requirements and industry best practices.
• Develop and maintain security policies, standards, and guidelines.
• Oversee the implementation of security controls and measures to meet compliance obligations.
• Provide guidance and training to employees on security compliance matters.
• Manage vendor risk assessments and ensure third-party compliance.
• Collaborate with legal, IT, and business units to ensure a unified approach to security and compliance.
• Prepare and present compliance reports to senior management and relevant stakeholders.
• Lead the continuous monitoring and improvement of the compliance program.
• Manage security incident response related to compliance breaches.

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, Law, or a related field.
• Minimum of 7 years of experience in information security, with a significant focus on compliance and risk management.
• In-depth knowledge of major compliance frameworks (e.g., NIST CSF, ISO 27001, SOC 2) and data privacy regulations.
• Proven experience in managing internal and external security audits.
• Strong understanding of security controls, risk assessment methodologies, and IT governance.
• Excellent analytical, problem-solving, and decision-making skills.
• Exceptional written and verbal communication skills, with the ability to articulate complex compliance requirements.
• Demonstrated leadership abilities and experience managing cross-functional teams.
• Relevant certifications such as CIPP, CRISC, CISA, or CISSP are highly desirable.
• Ability to work effectively in a hybrid work environment.

Job Description

Position Summary

This is a FULL-TIME, onsite position located in Omaha, NE. Active SECRET government security clearance required at the time of application.

NCC is seeking an Information Security Compliance Specialist for an upcoming contract.

Key Areas of Responsibility

• Planning: Cyber Operational Readiness Assessment Planning (CORA) consisting of the following:
  • Testing and analysis of all applicable STIGs.
  • Scheduling and implementation of all applicable STIGs.
  • Monitoring and execution of the quarterly revalidation schedule.
  • Monitoring emerging changes to the applicable STIGs outside of the quarterly schedules. (CDRL A003).
  • Meeting Support: The contractor personnel shall support the following: (a) briefing 557 WW leadership on Cyber Security updates; (b) preparing biweekly Cyber Security Update meetings; (c) meeting with stakeholders to facilitate Cyber Security collaboration and (d) obtaining input from stakeholders to present to 557 WW leadership. (CDRL A002, A003, A005).
  • Monitoring the cybersecurity risk and threat to the 557 WW’s cyber environment.
  • Assisting with the implementation plans for the 557 WW’s transition to a cloud environment.

Minimum Qualifications

• Active Secret Government Security Clearance.
• 5 years of relevant experience in Cyber Security and system accreditation.
• Experience in the following:
  • Endpoint Security
  • Assured Compliance Assurance Solutions (ACAS)
  • Threat hunting and risk analysis
  • Intrusion Detection Systems
  • DISA STIGS
• IAT Level II Certification

Preferred Qualifications

• Bachelors Degree in relevant field.

NCC provides reasonable accommodations to qualified individuals with disabilities. If you are an applicant that requires a reasonable accommodation, please email us. Please reference the position in your email.

NCC is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, ethnicity, ancestry, color, sex, religion, creed, age, national origin, citizenship status, disability, medical condition, military and veteran status, marital status, sexual orientation or perceived sexual orientation, gender, gender identity, and gender expression, familial status, political affiliation, genetic information, or any other legally protected status or characteristic. E-Verify Employer. VEVRAA Federal Contractor.

Remote – US | Full-Time | Entry-Level to Early Career
Join the team that’s powering a new era of knowledge work in the contact center.
 

At Balto, we help contact centers coach agents in real time, powering better conversations and business outcomes through AI. Our customers trust us with sensitive data—and we take that responsibility seriously. That’s where you come in.

We’re looking for a Jr. Information Security Compliance Analyst to join our growing security team. You’ll be hands-on in the day-to-day operations of our security and compliance program, helping ensure we meet the highest standards for protecting customer data and supporting industry certifications like SOC2 and PCI-DSS.

You’ll be on the front lines of our security compliance efforts, supporting day-to-day processes and helping us stay audit-ready. This includes:

• Daily monitoring of security logs and alerts for anomalies
• Conducting vendor security reviews and supporting due diligence assessments
• Answering security questionnaires from customers and prospects
• Performing PCI-DSS checks and assisting with other regulatory control reviews
• Executing QA checks on call audio to ensure compliance with privacy policies
• Supporting internal audits and compliance reporting
• Assisting with documentation, policy updates, and control testing

You’ll collaborate with Security, Engineering, and Customer teams—gaining a holistic view of what it takes to secure a modern AI-powered SaaS platform. This remote role can be completed from anywhere in the United States, but eligibility to work in the US is required. In addition, occasional travel for and participation in full-company in-person all-hands events up to 4 times a year is mandatory.

• You’re detail-oriented and curious about how systems work and stay secure
• You might have some experience in IT, security, risk, or compliance—or you’re eager to learn
• You’re organized and self-directed, but love collaborating to solve complex problems
• You’re a clear communicator and can translate technical info into human language

Bonus Points For:

• Familiarity with SOC 2, ISO 27001, PCI-DSS, or cloud security principles
• Experience with compliance tools like Drata, Tugboat Logic, or Vanta
• A Security+ or similar certification (or a plan to earn one)

At Balto, we don’t just build AI—we live it. If you’re not…

• Building your own GPTs in OpenAI
• AI-coding your own side projects in Replit
• Following the latest drops from Google, OpenAI, Anthropic, Meta, and xAI
• Reading essays, academic papers, and dev blog posts about LLMs
• Generating stunning visuals with MidJourney or videos with VEO

.then Balto might not be the right place for you.
But if that does sound like you? You're going to feel right at home.

• Fully remote team — work from anywhere in the US
• Mission-driven culture with smart, supportive, and AI-obsessed teammates
• Career growth — this role is built for someone who wants to level up fast
• Great benefits: healthcare, 401(k), unlimited PTO, learning stipends, and more

Ready to put your security skills to work at a company that breathes AI?
Apply here or send us your resume and a short note about what makes you curious.

Ardent Health is a leading provider of healthcare in growing mid-sized urban communities across the U.S. With a focus on people and investments in innovative services and technologies, Ardent is passionate about making healthcare better and easier to access. Through its subsidiaries, Ardent delivers care through a system of 30 acute care hospitals, 24,000+ team members and more than 280 sites of care with over 1,800 affiliated providers across six states.

POSITION SUMMARY:

The Senior Information Security Compliance Analyst will ensure the development and maintenance of ITGC policies and procedures in alignment with SOX, PCI, and HIPAA requirements. This role will assist in managing the Risk and Control Matrix (RACM), monitoring compliance, and conducting risk assessments across these regulatory frameworks. The position will work closely with IT leadership, subject matter experts, and Internal Audit to maintain a robust and comprehensive IT compliance program.

• Assist in designing, coordinating and executing ITGCs for internal / external audit to evaluate and ensure compliance with SOX 404, PCI DSS, and HIPAA.
• Collaborate with control owners and stakeholders to address identified compliance gaps or audit findings.
• Maintain the Risk and Control Matrix (RACM) by ensuring control descriptions are accurate, effective, and aligned with SOX, PCI, and HIPAA objectives.
• Conduct systematic risk assessments to identify, evaluate, and prioritize risks related to SOX, PCI, and HIPAA compliance.
• Develop and conduct training programs to educate control owners and stakeholders on SOX, PCI, and HIPAA compliance requirements.

Education & Experience:

• Bachelor's degree in Management Information Systems (MIS), Information Security, Accounting, Business Administration, or a related field.
• 5+ years of experience in information security compliance, IT Audit, or a related field
• CPA, CISA, CRISC, or CISSP certification, preferred.
• Previous experience in the Healthcare industry and/or publicly traded companies, preferred.
• Previous experience with Ardent Key Systems: Epic, Lawson, Active Directory, and SailPoint, preferred.
• Previous experience with AuditBoard, preferred.
  
  

Knowledge, Skills & Abilities:

• Strong understanding of SOX, PCI, and HIPAA compliance requirements, as well as familiarity with IT infrastructure and security architecture.
• Proven ability to understand business issues and objectives and translate them into compliance solutions.
• Proven experience working in highly ambiguous environments, with the capability to independently identify problems, develop solutions, and drive initiatives to completion.
• Familiarity with Microsoft O365 (word, teams, etc.) and ServiceNow, preferred.
• Exposure to Alteryx or related data analytics and automation tools, preferred.

#LI-AG1

As a Principal Information Security Compliance Analyst at Deluxe, you will play a crucial role in ensuring our organization meets and maintains the highest standards of security and compliance. We are seeking a detail-oriented and proactive individual to assist in internal and external risk and compliance audits, including PCI DSS, SOC 1/ 2, Sarbanes-Oxley, NIST CSF. Who will have significant experience and will be responsible for managing larger projects and mentoring junior staff.

Job Functions

• Ensure framework alignment with industry standards and regulatory requirements (NIST, ISO 27001, PCI-DSS, SOC 1/2, SOX). Lead strategic initiatives to enhance security and compliance. Develop and implement long-term risk and compliance strategies.

• Design and implement a comprehensive and tailored audit or assessment framework. Develop and maintain audit methodologies, tools, and processes. Engage stakeholders to integrate audit findings into the organization's strategic planning.

• Provide strategic compliance guidance to senior management. Lead the development and execution of comprehensive compliance training programs, policies and procedures.

• Review compliance assessments and validate mitigation strategies. Present findings and recommendations to senior management and stakeholders. Ensure evidence complies with security standards, controls, and regulations. Continuously monitor and report on the progress of mitigation efforts.

• Ensure ongoing compliance by staying current with regulations and industry best practices. Support the development of security and compliance policies. Assist with special projects in a dynamic, fast-paced environment.

Basic Qualifications:

• Bachelor's Degree in Information Security, Computer Science, Business or similar field

• 8 years of experience in Compliance frameworks and regulations

• Professional certifications such as PCI ISA, CISSP, CISA, CRISC

Preferred Qualifications:

• 9 years of experience in Compliance frameworks and regulations

• Professional certifications such as CISM, CIPP, CDSPE, CCSP, CGEIT.

• Proven capacity to lead large, cross-functional teams to drive organizational change.

• Proven capacity to execute long-term strategies aligned with organizational goals, while adapting to global market trends and challenges.

• Ability to effectively communicate complex ideas to senior management and stakeholders in high-stakes situations, and influence stakeholders at all levels, including board members and external partners.

• Demonstrated expertise in delivering measurable outcomes, drive performance improvements and lead large-scale transformation initiatives.

• Demonstrated ability to identify and mitigate complex risks that could impact the organization's strategic objectives and ensure success in a rapidly changing environment.

Benefits

In line with our commitment to employee wellbeing, our total rewards benefits package is designed to support the physical, financial, and emotional health of our employees, tailored to meet their unique and evolving needs. Our approach considers our employees' whole selves, ensuring they can thrive both in and outside of work. Here are some of the benefits we offer, which may vary based on role, location, or hours worked:

• Healthcare (Medical, Dental, Vision)

• Paid Time Off, Volunteer Time Off, and Holidays

• Employer-Matched Retirement Plan

• Employee Stock Purchase Plan

• Short-Term and Long-Term Disability

• Infertility Treatment, Adoption and Surrogacy Assistance

• Tuition Reimbursement

These benefits are designed to enhance the health, protect the financial security, and provide peace of mind to our employees and their families.

Deluxe Corporation is an Equal Employment Opportunity employer: All qualified applicants will receive consideration for employment without regard to race, color, creed, religion, disability, sex, age, ethnic or national origin, marital status, sexual orientation, gender identity or presentation, pregnancy, genetics, veteran status or any other status protected by state or federal law.

Please view the electronic EEO is the Law Poster ( which serves to inform you of your equal employment opportunity protections as part of the application process.

Reasonable Accommodation for Job Seekers with a Disability: If you require reasonable accommodation in completing this application, interviewing, completing any pre-employment testing, or otherwise participating in the employee selection process, please direct your inquiries to .