What are the responsibilities and job description for the Compliance Analyst, InfoSec position at Mitchell Martin, Inc.?
Job Details
Location: Hybrid within the Southeastern Region (Onsite 3 days per week)
Employment Type: Full-Time/Permanent
Description:
The Compliance Analyst - Information Security will coordinate and support the organization's information security compliance initiatives. This role includes executing risk assessments, supporting audits, managing vendor security evaluations, and ensuring adherence to cybersecurity frameworks. The ideal candidate has strong organizational and analytical skills, a keen attention to detail, and a proactive approach to compliance and risk management.
Responsibilities:
Information Security Compliance & Risk Management:
Support and execute compliance initiatives, including audits, risk assessments, and security questionnaires.
Conduct risk assessments for both current and prospective third-party vendors.
Identify vendor security risks and provide recommendations to mitigate threats.
Track remediation actions to ensure risk assessments are followed through to completion.
Documentation & Reporting:
Maintain accurate and organized documentation of security actions within IT Service Management and GRC systems.
Communicate risk assessment findings to vendor relationship owners and leadership teams.
Develop reports and documentation to demonstrate adherence to security controls, policies, and procedures.
Collaboration & Communication:
Work cross-functionally with teams to evaluate compliance with cybersecurity policies.
Provide insights on business challenges within the context of information security.
Actively engage with internal and external stakeholders to strengthen security posture.
Qualifications:
Required:
Bachelor's degree in Information Security, Cybersecurity, or a related field (or equivalent work experience).
1-3 years of experience in information security, compliance, or risk management.
Experience conducting security assessments, audits, and reporting findings.
Strong organizational and analytical skills with attention to detail.
Knowledge of major cybersecurity compliance frameworks (e.g., NIST, ISO) and obligations (e.g., PCI, GDPR).
Excellent verbal and written communication skills.
Ability to manage multiple priorities and work independently.
Preferred:
Experience working with PCI, DFARS, and GDPR compliance standards.
Previous experience in mid to enterprise-sized organizations.
Background in project coordination or project management.
Understanding of cybersecurity trends, best practices, and risk mitigation strategies.
Compensation:
$70,000 - $103,000 base salary
Benefits:
A comprehensive benefits package is offered; reach out to to find out more.
EEO Statement
Learn more about our EEO policy.
Salary: $70,000 - $103,000