Newfire Global Partners

Cybersecurity Compliance Analyst

full-time

Location Type: Remote

Location: Remote • 🇺🇸 United States

Job Level

Junior, Mid-Level

Tech Stack

AWS, Cloud, SDLC

About the role

  • Serve as the owner of the Vanta platform. Configure integrations, monitor failing tests, and ensure the platform reflects the organization's real-time security posture.
  • Gather, organize, and review audit evidence for SOC 2 controls. Ensure all evidence is current, accurate, and correctly mapped to the Trust Services Criteria.
  • Perform daily/weekly reviews of automated compliance monitors in Vanta. Proactively reach out to control owners (e.g., developers, HR) to fix failing controls (e.g., ensuring background checks are completed, laptops are encrypted, or PRs are approved).
  • Act as liaison with external auditors. Manage evidence requests.
  • Oversee the vendor onboarding process, ensuring third-party security reviews are documented and linked within Vanta.
  • Maintain and update internal security policies and procedures to ensure they align with current business operations and SOC 2 requirements.
  • Facilitate quarterly user access reviews for critical systems (AWS, GitHub, IDP) to ensure least-privilege access.

Requirements

  • 2–4 years of experience in IT compliance, internal audit, or risk management.
  • Strong working knowledge of SOC 2 Trust Services Criteria (Security, Availability, Confidentiality).
  • Hands-on experience using Vanta (or similar tools like Drata/Secureframe) to automate compliance.
  • Ability to understand technical evidence (e.g., cloud infrastructure settings, SDLC workflows, encryption standards) and communicate effectively with engineering teams.
  • Strong written and verbal communication skills; ability to chase down evidence from busy stakeholders.
  • Experience with ISO 27001, HITRUST, HIPAA, or GDPR.
  • Relevant certifications (CISA, CRISC, or CISSP).
  • Experience in a B2B SaaS environment.

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills
IT compliance, internal audit, risk management, SOC 2 Trust Services Criteria, cloud infrastructure settings, SDLC workflows, encryption standards

Soft skills
communication skills, organizational skills, stakeholder management

Certifications
CISA, CRISC, CISSP