Security and Compliance Analyst
Listed on 2026-02-28
IT/Tech
Cybersecurity, Information Security, IT Support, Data Security
Position Purpose:
Under general supervision, the Security & Compliance Analyst is responsible for supporting, operating, and continuously improving the organization’s security and compliance posture. This role manages and executes key workflows across security operations, vulnerability management, governance and compliance, vendor security, and audit support. The analyst ensures that policies, controls, and processes are well documented, evidence ready, and aligned with organizational standards and regulatory expectations.
Duties And Responsibilities
- Monitor security alerts and telemetry; perform triage and document event closure.
- Maintain and refine security alerting rules, escalation processes, and response playbooks.
- Review privileged access and activity; prepare periodic oversight reports.
- Assist with incident response, including evidence collection and remediation tracking.
- Execute vulnerability scans and validate remediation activities through technical verification.
- Partner with IT teams to drive timely, risk-based remediation.
- Maintain and report on exposure metrics, remediation aging, and risk prioritization.
- Maintain the Security Risk Registry, ensuring accurate scoring, control mapping, and exception documentation.
- Update policies, standards, and procedures to reflect current technical and operational practices.
- Maintain mapped controls and supporting documentation aligned to industry frameworks.
- Deliver or support delivery of security awareness and targeted training.
- Coordinate intake, tracking, drafting, and evidence collection for internal and external audits.
- Maintain a current library of standardized audit responses and supporting evidence.
- Convert audit findings into documented and verified control improvements.
- Conduct vendor security assessments and review, track and validate closure of supporting technical evidence.
- Maintain vendor risk metrics and coordinate with procurement and business stakeholders.
- Support planning, testing, and documentation related to business continuity and disaster recovery.
- Maintain assigned inventories supporting resiliency initiatives.
- Produce regular metrics covering audit status, evidence completeness, remediation progress, and risk indicators.
- Maintain up-to-date runbooks, checklists, and process documentation.
- Implement small-scale automation and reporting enhancements to improve efficiency.
- Complete all required training applicable to this position.
- Regular and predictable attendance is an essential function of this position.
- Other duties, as assigned.
- 2+ years of experience in security operations or relevant industry experience, and/or relevant certifications (e.g., Security+, CySA+, CISA, ISO 27001).
- Knowledge of security controls, safeguards, and industry frameworks (e.g., NIST, ISO, SOC).
- General technical knowledge of desktop, network and server environments.
- Competence with identity and access management, privileged access oversight, and log analysis.
- Familiarity with enterprise security tools (EDR, IAM, vulnerability management platforms).
- Strong documentation, communication, and analytical skills.
- The expected pay range for this position is $65,/year
- Paid Time Off (PTO) - 16 days annually + 9 Company paid holidays
- Competitive benefits - Medical, Rx, Dental, Vision, 401(k), Parental Leave, Life and Disability Insurance and more. You can review our benefits at for more information.
- Promotional opportunities from within the Firm
- Employee Perks available from Verizon, Car Dealerships, Local Movie Theaters, Theme Parks, etc.
- Positive office environment with regularly scheduled parties, contests, and community support initiatives
- On-site "Bistro To Go" vending and fresh foods available
- Free parking
- Free onsite fitness center for all employees
The physical and mental demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. While performing the duties of this job, the employee is regularly required to remain in a stationary position at a workstation.
This position requires constant use of hands and fingers for typing and operating a computer and other office equipment. The employee must possess the ability to communicate information and ideas in writing and verbally. Occasional standing, walking, bending, and lifting of items weighing up to 50 pounds may be required. Close visual acuity is needed to read, analyze data, and view a computer terminal for extended periods.
Environment
This position operates in a professional office environment. It is representative of those an employee encounters while performing the essential functions of this job. The employee will experience low to moderate noise levels and moderate interruptions. The workspace is well-lit and climate controlled.
EEO Statement: Weltman is an equal…