Security & Compliance Analyst

Managed IT & Security Provider

Alexandria, VA

JOB DETAILS
SKILLS
Access Control, Best Practices, Business Continuity Planning (BCP), CISM - Certified Information Security Manager, CISSP - Certified Information Systems Security Professional, Cloud Computing, Communication Skills, CompTIA Security+, Computer Security, Consulting, Customer Support/Service, Dental Insurance, Detail Oriented, Disaster Recovery, Document Management, Documentation, Documentation Models, Establish Priorities, Gap Analysis, Health Insurance, ISO (International Organization for Standardization), Incident Response, Multitasking, Organizational Skills, Presentation/Verbal Skills, Risk, Risk Management, Security Analysis, Security Information and Event Management (SIEM), Security Infrastructure, Service Level Agreement (SLA), Technical Leadership, U.S. National Institute of Standards and Technology (NIST), Vision Plan, Vulnerability Scanners, Writing Skills
POSTED
21 days ago
Benefits:
  • 401(k)
  • 401(k) matching
  • Bonus based on performance
  • Company parties
  • Competitive salary
  • Dental insurance
  • Health insurance
  • Paid time off
  • Vision insurance

Overview


We are hiring a Security & Compliance Analyst to support multiple client environments with a focus on security operations, compliance readiness, and risk management. This role is hands-on and execution-focused, working closely with client IT leadership and internal teams to ensure security controls are effective, documented, and consistently maintained.


The Security & Compliance Analyst owns day-to-day security and compliance activities across clients, helping translate security findings into actionable remediation and keeping environments audit-ready without unnecessary complexity.

Key Responsibilities


Security Operations & Governance


  • Lead recurring security posture reviews with client IT teams

  • Review SOC findings, open risks, threat trends, and prioritized remediation actions

  • Track security posture and risk over time, not just during audits

Compliance & Documentation


  • Serve as the primary resource for compliance-related activities across security platforms

  • Maintain audit-ready documentation including policies, procedures, evidence, risk registers, and remediation logs

  • Document security system configurations, changes, and control maturity

  • Produce artifacts to support annual assessments and client audit requests

Access Control & Identity


  • Design, implement, and maintain role-based access control (RBAC)

  • Enforce least-privilege access standards

  • Manage and document access models and reporting visibility for stakeholders

Reporting & Metrics


  • Configure and maintain automated security and compliance reporting

  • Deliver regular reports covering incidents, vulnerabilities, SLAs, and compliance status

  • Clearly communicate security findings to both technical and non-technical audiences

Vulnerability & Risk Management


  • Review vulnerability scan results and security findings

  • Partner with IT teams to prioritize remediation based on risk and business impact

  • Track remediation progress and validate closure of findings

Disaster Recovery & Business Continuity


  • Support Disaster Recovery and Business Continuity planning activities

  • Participate in tabletop exercises and incident simulations

  • Document outcomes, gaps, and lessons learned

Client & Internal Support


  • Provide security and compliance support across multiple client environments

  • Assist with security assessments, gap analyses, and remediation planning

  • Help standardize security processes, documentation, and reporting across clients

  • Serve as an internal subject-matter expert for security and compliance best practices

Required Experience & Skills


  • 3–5+ years of experience in IT security, compliance, risk management, or related roles

  • Strong understanding of security operations, SOC workflows, and vulnerability management

  • Experience supporting audits or compliance frameworks such as SOC 2, NIST, CIS, or ISO

  • Proven ability to create and maintain clear, organized, audit-ready documentation

  • Experience implementing RBAC and least-privilege access models

  • Comfortable working across multiple environments with varying levels of security maturity

  • Strong written and verbal communication skills

Preferred (Not Required)


  • Experience in a managed services or consulting environment

  • Familiarity with MDR, SIEM, vulnerability scanning, and cloud security platforms

  • Experience supporting tabletop exercises or incident response planning

  • Security certifications such as Security+, CISSP, CISM, or similar

What Success Looks Like


  • Security risks are clearly documented, prioritized, and tracked to resolution

  • Audits and assessments are predictable and well-supported

  • Security documentation is current, accurate, and usable

  • Clients understand their security posture and next steps

  • Internal teams rely on you as a trusted security and compliance resource

Work Style


  • Organized, accountable, and comfortable owning outcomes

  • Able to manage multiple priorities without losing attention to detail

  • Practical, risk-focused, and business-aware

  • Willing to raise concerns when something is insecure, undocumented, or unclear


Flexible work from home options available.

About the Company

Managed IT & Security Provider