Figure

Cyber Compliance Analyst

Figure

full-time

Posted on:

Location Type: Remote

Location: Remote • California • 🇺🇸 United States

Visit company website
AI Apply
Apply

Salary

💰 $80,000 - $100,000 per year

Job Level

Mid-LevelSenior

Tech Stack

Cyber Security

About the role

  • Align cybersecurity practices with external regulations (e.g., GDPR, HIPAA) and internal policies.
  • Conduct risk assessments and threat/vulnerability analyses across systems and networks.
  • Partner with SecOps to continuously monitor systems for threats and validate control effectiveness.
  • Recommend, implement, and validate security controls and best practices to reduce risk.
  • Develop, maintain, and socialize security policies, standards, and procedures. Contribute to incident response planning and post-incident reviews.
  • Document findings, quantify risk, and present recommendations to technical and executive stakeholders.
  • Track evolving threats, regulations, and industry trends to continuously improve the program.

Requirements

  • Familiarity with enterprise IT, networks, common threats, and core security tools.
  • Working knowledge of frameworks such as NIST and NICE for risk and capability mapping.
  • Understanding of data privacy laws and industry-specific regulations.
  • Ability to perform risk assessments, analyze data, and conduct threat modeling.
  • Clear, concise communication of complex technical risk to both technical and executive audiences.
Benefits
  • Comprehensive health, vision, and dental insurance with 100% employer-paid premiums for employees and their dependents on select plans
  • Company HSA, FSA, Dependent Care, 401k, and commuter benefits
  • Employer-funded life and disability insurance coverage
  • 11 Observed Holidays & PTO plan
  • Up to 12 weeks paid family leave
  • Continuing education reimbursement

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills
risk assessmentsthreat analysisvulnerability analysissecurity controlsincident response planningdata privacy lawsthreat modelingNIST frameworkNICE framework
Soft skills
clear communicationconcise communicationstakeholder engagement