Evaluate organizational policies and standards, ensuring that external and internal compliance requirements are met.
Develop improvements to the compliance program through the use of AI, automation, and optimized processes.
Work with external auditors and customers as necessary, providing them with required information and assistance.
Improve efficiency using AI toolsets to respond to customer compliance requests while simultaneously exercising professional judgment to review outputs.
Assist in policy documentation upkeep and development, ensuring clarity and applicability.
Work closely with various teams, including IT, Legal, HR, and Operations, ensuring seamless compliance and security integration.
Monitor and assist with the internal training programs on compliance requirements and best practices.
Ensure Bamboo Health’s security operations remain aligned with both internal and external compliance requirements, contributing to ongoing internal and external audit reviews.
Effectively communicate Bamboo Health’s compliance posture to both internal and external stakeholders, offering tangible proof of adherence to policy requirements.
Partner with the Security Operations team, assisting in incident response and identifying areas for continuous improvement within the compliance framework.
Participate in the on-call rotation to address and escalate security incidents as they arise.
Stay curious about emerging AI tools and how they can streamline or enhance work within your function.
Requirements
5+ years of experience utilizing information security best practices, compliance frameworks, and security tooling and processes.
Direct experience with security frameworks and certifications like NIST SP 800-53, HITRUST, HIPAA, and/or FedRAMP.
Experience with testing and measuring security controls.
Ability to provide technical and operational support on security compliance initiatives.
Expertise in security auditing and evidence gathering for compliance purposes.
Experience in security best practices and controls applied in cloud-centric environments (AWS/Azure/GCP).
Excellent written and verbal communication skills, with ability to build and communicate business rationale.
Strong ability to learn quickly and work independently while being part of a team.
Ability to build effective, sustainable working relationships internally, with customers, and external stakeholders.
Working knowledge of incident response best practices and programs would be beneficial.
Comfort using or learning AI-supported tools (e.g., ChatGPT, Copilot, or role-specific tools) to improve daily workflows.
A forward-thinking, curious mindset with an openness to experimenting with new technologies.
Strong analytical and problem-solving skills, with sound judgment and creativity in designing solutions.
Proven ability to thrive in fast-paced, high-growth, and rapidly evolving environments.
Ability to work effectively in a remote-first environment, ensuring high-quality virtual interactions with minimal distractions.
Benefits
Competitive compensation, including health, dental, vision and other benefits
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
information security best practices, compliance frameworks, security tooling, security auditing, evidence gathering, security controls, cloud security (AWS/Azure/GCP), incident response best practices, AI tools
Soft skills
written communication, verbal communication, relationship building, analytical skills, problem-solving skills, creativity, independence, team collaboration, curiosity, adaptability