
Senior Security Compliance Analyst (Remote - US) at Jobgether

This position is posted by Jobgether on behalf of FormAssembly. We are currently looking for a Senior Security Compliance Analyst in the United States.

Join a growing, remote-first SaaS company as a Senior Security Compliance Analyst, where you'll lead enterprise-level compliance efforts and own key security certifications such as FedRAMP, DoD IL2-5, SOC 2, and ISO 27001. You'll work cross-functionally with teams across Engineering, Product, Sales, and HR to manage audit cycles, assess risk, and strengthen security practices. This role plays a pivotal part in maintaining the organization's credibility with government and enterprise clients. It's an excellent opportunity for experienced professionals ready to make a high-impact contribution in a flexible, dynamic work environment.

Accountabilities:

- Lead and manage compliance initiatives including FedRAMP, DoD IL2-IL4, SOC 2, PCI-DSS, and ISO 27001.
- Serve as the internal subject matter expert across all relevant security frameworks and regulations.
- Conduct detailed technical control assessments, policy reviews, and risk-based walkthroughs.
- Provide executive-level reporting on residual risk, vulnerabilities, and overall compliance posture.
- Support security automation and continuous monitoring projects to enhance efficiency.
- Respond to customer security assessments, vendor questionnaires, and RFPs with technical expertise.
- Guide teams through audit processes and ensure successful ongoing certification maintenance.
- Champion the development of policies, training programs, and implementation of best practices.
- Act as the primary point of contact for government security compliance matters.

- Minimum of 5 years of experience managing security compliance audits, especially FedRAMP, DoD IL2-5, SOC 2, ISO 27001, and PCI.
- Deep understanding of NIST 800-53, DoD SRG, and associated continuous monitoring processes.
- Experience collaborating with Engineering, IT, Product, and other business teams.
- Familiarity with privacy and security frameworks like GDPR, CCPA, CPRA, and EU Cyber Resilience Act is a plus.
- Proven ability to produce clear and actionable risk assessments and remediation strategies.
- U.S. citizenship is required due to the nature of compliance regulations.
- Must hold either a CISSP or Security+ certification in good standing.
- Additional certifications such as CISM, CISA, CRISC, SANS GIAC, or ISO 27001 Lead Auditor are a strong plus.

Company Location: United States.