Information Security Analyst/Compliance Lead - CONTRACT

Cal Net Technology Group

CA(remote)

JOB DETAILS
SKILLS
Auditing, Automation, Cloud Computing, Computer Security, Documentation, Embedded Systems, HIPAA (Health Insurance Portability and Accountability Act), Healthcare, IR (Infrared), ISO (International Organization for Standardization), Incident Response, Information/Data Security (InfoSec), Leadership, Microsoft Windows Azure, Organizational Skills, PCI-DSS, Regulatory Compliance, Risk, Security Analysis, Security Architecture, Security Auditing, Security Monitoring, U.S. National Institute of Standards and Technology (NIST)
LOCATION
CA
POSTED
1 day ago

CONTRACT OPPORTUNITY - SECURITY & COMPLIANCE

Security Analyst / Compliance Lead

Contract | Remote (U.S.-Based) | Mid-July - December 2026

Engagement Type

Contract - 1099 preferred

Rate

Commensurate with experience - details provided on initial call

Duration

Approximately 5.5-6 months - mid-July through December 31, 2026

Location

Fully remote - U.S.-based only

Hours

Full-time dedicated resource

Start Date

Mid-July 2026

The Opportunity

A fast-growing healthcare services company is undergoing its first SOC 2 audit and building its information security program from the ground up. The organization operates in a HIPAA-compliant, high-trust environment and is now taking on enterprise clients who require formal compliance credentials.

We are placing one Security Analyst / Compliance Lead as a dedicated, embedded resource. This person will function as an extension of the internal team - owning day-to-day security operations and SOC 2 evidence collection. This is a hybrid role, not a senior architect or vCISO seat, and it does not involve facing the auditor directly.

What You Will Do

  • Upload and manage security policies within a leading compliance automation platform
  • Gather, organize, and upload evidence for SOC 2 controls across the defined audit scope
  • Map evidence to applicable Trust Service Criteria; identify and flag gaps
  • Support remediation efforts and compensating controls as audit findings surface
  • Monitor and triage EDR alerts; perform initial investigations on security incidents
  • Execute incident response procedures in accordance with the client's IR plan
  • Handle ad hoc security and compliance tasks as directed by client leadership
  • Support the team in establishing repeatable security processes as the program matures

Required Qualifications

  • Hands-on experience with SOC 2 compliance - familiarity with Trust Service Criteria, evidence collection, and control mapping
  • Proficiency with Vanta or a comparable GRC / compliance automation platform
  • Working knowledge of CrowdStrike or comparable EDR platforms for alert triage and basic incident response
  • Understanding of HIPAA compliance requirements and high-trust environments
  • Ability to translate technical security controls into audit-ready documentation
  • Strong organizational skills - able to independently manage a large volume of evidence across multiple control areas
  • Available to start mid-July 2026 and commit through December 31, 2026
  • U.S.-based, available to work fully remote

Preferred Qualifications

  • Prior experience in a healthcare or health services organization
  • Familiarity with third-party audit firms and evidence submission processes
  • Exposure to additional frameworks such as ISO 27001, NIST RMF, GDPR, or PCI DSS
  • Experience with Azure environments or cloud-hosted infrastructure
  • Background in GRC (Governance, Risk, and Compliance) in addition to hands-on security operations

What This Role Is Not

  • Not a senior security architect or vCISO seat - this is a mid-level, hybrid role
  • Not the primary interface with the auditor - client leadership owns that relationship
  • Not initially scoped for vulnerability management or third-party risk - those may be added as the engagement grows

This is a confidential opportunity. Identifying details have been withheld intentionally.

About the Company

C

Cal Net Technology Group