Sr. IT Security Compliance Analyst
This is a remote, contract to hire role based out of the Dallas, TX area. Sr. IT Security Compliance Consultant Remote but prefer DFW, EST or CST Contract to Hire Job Description: The client is seeking a IT Security Compliance Analyst to assist our IT Security Team in providing comprehensive IT security governance and compliance. This is a pivotal role responsible for ensuring compliance and managing risk mitigation strategies. The successful candidate will have a proven track record in cybersecurity, governance, risk, and compliance, as well as vulnerability management and PCI compliance. Key Responsibilities: · Engage with IT security engineers, overseeing daily operations including anti-virus protection, vulnerability management, and logging/monitoring activities. · Develop, implement, and maintain IT security policies, standards, and procedures. · Manage the deployment and operation of security technologies. · Oversee vulnerability management programs, including identifying vulnerabilities, developing remediation plans, and tracking issue resolution. · Drive initiatives to enhance security to protect from malicious content. · Oversee compliance with regulatory requirements, frameworks, and industry standards, including PCI DSS, NIST, and ISO 27001. · Facilitate PCI, SOC, and other assessments, manage remediation efforts, and ensure ongoing compliance. · Maintain a robust Governance, Risk, and Compliance (GRC) framework to align security strategies with organizational objectives. · Perform risk assessments to identify, analyze, and prioritize IT security risks, creating mitigation plans to reduce exposure. · Manage and coordinate audits, including external and internal audits, and ensure findings are addressed effectively and promptly. · Monitor and report on key security metrics, providing visibility into risk levels and compliance status for senior leadership. · Collaborate with business units to embed risk management practices into decision-making processes. · Collaborate with cross-functional teams to support annual audits, risk assessments, and compliance activities. · Identify and mitigate IT security risks, ensuring robust risk management processes are in place. · Assist in response to clients security questionnaires. Qualifications: · 7+ years of experience in IT security operations, governance, risk, and compliance. · Deep knowledge of PCI, SOC, GDPR, CCPA compliance requirements, audit management, and remediation processes. · Extensive experience with GRC tools, platforms, and methodologies, ensuring effective integration into IT workflows. · Proficiency with security tools and technologies such as SIEM, FIM, IPS, web proxies, and email gateways. · Strong understanding of cybersecurity frameworks, best practices, and regulatory requirements (e.g., NIST, ISO 27001). · Demonstrated ability to lead risk management initiatives and build risk-aware organizational culture. · Certifications such as CISSP, CISM, CRISC, or CISA are highly desirable. · Strong interpersonal and communication skills, with the ability to collaborate effectively across teams and influence stakeholders. Preferred Skills: · Experience with cloud security and modern infrastructure platforms. · Proven ability to manage and resolve security incidents effectively. · Strategic thinker with the ability to balance security objectives with business needs. We would love to have you join our team! ECCO Select is committed to hiring and retaining a diverse workforce. ECCO Selects policy is to provide equal opportunity to all people without regard to race, color, religion, national origin, ancestry, marital status, veteran status, age, disability, pregnancy, genetic information, citizenship status, sex, sexual orientation, gender identity or any other legally protected category. Equal Employment Opportunity is The Law This Organization Participates in E-Verify Apply Job!