IT Compliance Analyst

SpecterOps is searching for a junior to mid-level IT Compliance Analyst to join our Compliance team, working to ensure that our business practices align with the compliance frameworks the company currently operates within. This position will aid in the growth and development of the Compliance team and IT solutions used to maintain the Compliance program. This role reports directly to the IT Compliance Manager.

This position’s primary duty will be supporting and documenting the use of IT solutions leveraged to manage various Compliance tasks in ensuring the availability, confidentiality, and integrity, of SpecterOps organizational data and systems.

Salary Range: Base salary annually, commensurate with experience

• $90,000 - $120,000

Location: This position is remote, based in the U.S. with optional travel quarterly for in person company events and other ad hoc meetings

• Candidate must be authorized to work and reside in the United States; we do not currently sponsor immigration visas

Responsibilities:

• Manage incoming security questionnaires and customer assurance requests and assessments end-to-end, coordinating with Engineering, Security, and other internal stakeholders to provide accurate, timely responses
• Maintain and update the customer assurance knowledge library and trust center documentation to ensure content is current and accurate
• Review incoming contracts and identify compliance-related requirements, obligations, or risks, escalating findings to Legal as appropriate
• Support the development and maintenance of reusable response frameworks and standard documentation to improve the efficiency of the customer assurance process
• Execute recurring compliance activities within assigned control domains, including evidence collection cycles, control attestations, and scheduled review tasks
• Manage findings and evidence renewals in the GRC platform, ensuring controls remain current and audit-ready
• Daily monitoring of compliance IT solutions for the identification and resolution of out of compliance end users, devices, and other company assets
• Contribute to the development, review, and maintenance of company policies, security controls, and supporting documentation
• Support the preparation for and completion of internal and external compliance audits, including evidence gathering and auditor coordination within assigned scope
• Stay current on the evolution of relevant compliance frameworks and communicate changes to team members and leadership
• Perform vendor due diligence and compliance reviews for vendor evaluation requests, documenting findings and requirements in relevant systems
• Coordinate with SecOps to review vendor risk findings and track remediation to resolution
• Support the continuous improvement of vendor risk assessment processes and documentation standards
• Stay up to date on the evolution of compliance frameworks, providing updates to team members, departments, and management when changes occur
• Educate and train team members, departments, and management on security best practices that align with compliance frameworks
• Additional duties as assigned

Requirements:

• 1-5 years of experience in IT Security, Compliance, Operations, or other technical, customer-facing roles within the tech industry
• Ability to quickly learn new technologies and have an ongoing desire to stay current with the latest developments in Compliance
• Strong attention to detail and written and oral communication skills
• Ability to organize and prioritize groups of tasks
• Desire to embody our core values of passionate curiosity, consistent improvement, empathy, sustainability, humility, and empowerment through transparency.
• Successfully complete a criminal background investigation
• Ability to work west coast hours
• Travel: up to 25%

Nice to haves:

• Bachelor of Science in Computer Science or related field is preferred
• Experience with compliance IT solutions like Conveyor and Drata
• Experience with compliance audits, working with external auditors
• Experience administering Active Directory or Azure
• Experience with open-source BloodHound, BloodHound Enterprise, or BloodHound CE

What We Offer:

• Health/Dental/Vision/life insurance: 100% covered for both the employee and their family
• Flexible time off policy
• 13 paid holidays annually
• 401(k) with up to 4% company match
• Stock options and bonus based on company performance
• Remote work: $1,500 first year allowance to set up home office
• $150 monthly cell phone and internet reimbursement
• $5,000 annual professional development allowance
• $5,250 towards continuing education or student loan repayment
• $1,200 annual budget for lifestyle, wellness, pet insurance or home office expenses
• A one-time $10,000 benefit towards family planning
• In person and virtual employee events throughout the year
• And of course, company swag!