Apply

Ready to go for it?

AI Apply speeds things up—apply directly if you prefer.

FREE ACCESS
5,000–10,000 jobs/day
JobTailor Logo

See all jobs on JobTailor

Search thousands of fresh jobs every day.

Discover
  • Fresh listings
  • Fast filters
  • No subscription required
Create a free account and start exploring right away.
InvestCloud, Inc.

Senior Specialist, Compliance

InvestCloud, Inc.

Senior Compliance Analyst at InvestCloud managing security and compliance controls. Collaborating with technical teams to ensure adherence to regulations and standards.

Posted 5/22/2026full-timeRemote • 🇺🇸 United StatesSenior💰 $90,000 - $110,000 per yearWebsite

Tech Stack

Tools & technologies
Cyber Security

About the role

Key responsibilities & impact
  • Maintain hardened baselines and secure configurations across systems and environments, mapped to policy and control requirements.
  • Proactively monitor for issues, investigate anomalies, and help drive timely remediation, with strong documentation and traceability.
  • Produce high-quality control documentation and evidence that stand up to internal audit, external audit, and client scrutiny.
  • Collaborate effectively with technical and non-technical stakeholders to embed security and compliance expectations into day-to-day operations.
  • Support execution of compliance and security risk assessments by gathering inputs from control owners, documenting risks, and tracking agreed actions.
  • Help design and execute control testing plans for key information security and compliance controls (e.g., access reviews, configuration baselines, logging and monitoring), documenting results and exceptions.
  • Maintain and refine control inventories, risk registers, and metrics/KRIs for information security and compliance, partnering with the Information Security Manager and Compliance to ensure data quality and timely updates.
  • Assist in evaluating the impact of new regulations, client obligations, and internal policies on existing controls, and help translate requirements into practical control changes.
  • Prepare and maintain control evidence (e.g., screenshots, configuration exports, reports, tickets) that demonstrate effective operation of information security and compliance controls for internal and external audits.
  • Partner with Compliance, Legal, and Information Security leadership to support SOC 2, ISO 27001, and related certification activities, including evidence collection, sample selection, and responses to auditor questions.
  • Coordinate and contribute to client security and compliance questionnaires, RFPs, and on-site/virtual reviews by providing accurate, timely information on controls, hardening standards, and governance processes.
  • Help organize and track findings and remediation actions arising from audits, certification reviews, and client / regulatory inquiries, ensuring owners, timelines, and status are clearly documented.
  • Ensure that day-to-day security and compliance practices align with written policies by reviewing procedures, identifying gaps, and proposing pragmatic updates.
  • Support the Information Security Manager and Compliance in reviewing, updating, and socializing policies, standards, and procedures, including mapping controls to specific requirements and frameworks.
  • Assist with access control and entitlement governance, including periodic user access reviews, privileged account checks, and validation of joiner/mover/leaver activities against policy and client expectations.
  • Help document and refine standard operating procedures (SOPs) for recurring controls (e.g., monitoring, evidence collection, configuration reviews, access reviews), ensuring they are clear, consistent, and audit-ready.
  • Operate day-to-day security monitoring processes, including review of alerts, logs, and dashboards for suspicious activity, misconfigurations, and policy exceptions, ensuring that events are handled in line with documented procedures.
  • Conduct initial triage and investigation of security and control-related events; document findings, classify impact and risk, and escalate to the Information Security Manager or other stakeholders as appropriate.
  • Support ongoing vulnerability, patching, and configuration management efforts by validating remediation status, tracking exceptions against policy and risk tolerance, and helping prioritize issues based on business and client impact.
  • Work closely with Information Security, Compliance, Legal, Infrastructure/Operations, Engineering, and Client-facing teams to clarify security and compliance requirements and ensure shared understanding of control expectations.
  • Participate in root-cause analysis and remediation planning for security findings, audit issues, client concerns, and control failures; help ensure corrective actions are risk-appropriate and sustainable.
  • Identify opportunities to streamline and automate compliance and security processes to improve consistency, coverage, and efficiency.
  • Contribute to training and awareness efforts by providing practical input on technical control topics for relevant audiences.

Requirements

What you’ll need
  • Bachelor’s degree in Computer Science, Information Systems, Cybersecurity, Compliance/Risk, or a related field; or equivalent practical experience.
  • 4–7 years of progressive experience in information security, IT risk, or compliance (or a closely related technical risk role), preferably in B2B SaaS, FinTech, or financial services technology.
  • Hands-on experience with: Security monitoring and incident/control event triage (e.g., SIEM, log analysis tools, ticketing systems).
  • System hardening and secure configuration for servers, applications, or network devices, aligned to documented standards.
  • Vulnerability and patch management processes, including coordination with infrastructure and application teams and tracking of exceptions.
  • Operating or testing governance, risk, and compliance (GRC) controls, such as access reviews, policy attestations, or control testing.
  • Familiarity with relevant security and compliance frameworks (e.g., SOC 2, ISO 27001) and basic understanding of data protection and client/vendor oversight expectations in a global context.
  • Strong analytical and documentation skills, with the ability to produce clear, audit-ready evidence, control narratives, and process documentation.
  • Demonstrated ability to work cross-functionally, manage multiple workstreams, and follow through on remediation actions to closure.

Benefits

Comp & perks
  • medical/Rx
  • dental
  • vision
  • disability
  • life/AD&D insurance plans
  • Flexible Savings Account (FSA)
  • Health Savings Account (HSA)
  • Employee Assistance Plan (EAP)
  • health advocacy
  • voluntary ancillary plans (accident, critical illness, hospital indemnity, legal, identity theft, auto/home, and pet insurance)
  • 401(k) retirement savings plan with company match
  • paid time off

ATS Keywords

✓ Tailor your resume
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
security monitoringincident triagecontrol event triagesystem hardeningsecure configurationvulnerability managementpatch managementgovernance risk compliance (GRC)control testinglog analysis
Soft Skills
analytical skillsdocumentation skillscross-functional collaborationproject managementremediation follow-through
Certifications
SOC 2ISO 27001