The CompanyISA Consulting is an IT company offering end-to-end solutions in Digital Transformation, Digital Consulting and Business Process Services - supporting all Tech Stacks. Collectively we service a multitude of clients across industries and company verticals. We are a culmination of some of the brightest Full Stack Developers, Data Engineers, Architects, Project Managers, Quality Analysts, Strategists, spanning across multiple time zones.Job SummaryThe Senior Compliance Analyst ensures the organization’s adherence to critical compliance frameworks such as SOC 2, ISO 27001, and FedRAMP, while proactively managing risks and driving process improvements. This role is pivotal in maintaining trust with customers, stakeholders, and regulators by tracking compliance obligations, coordinating audits, and implementing scalable governance solutions. The Senior Compliance Analyst also supports security initiatives, responds to customer inquiries, and collaborates with cross-functional teams to build and maintain a robust compliance program.Responsibilities & DutiesLead efforts to maintain continuous compliance with SOC 2, ISO 27001, and other relevant standards (e.g., FedRAMP, GDPR, HIPAA).Plan, coordinate, and execute internal and external audits, ensuring effective and timely resolution of findings.Triage and manage responses to customer security and compliance inquiries, providing accurate and transparent communication.Validate and enforce role-based access controls (RBAC) and least privilege access requirements, including ongoing monitoring and reporting.Develop and automate compliance-related processes, such as control documentation, process operation, and monitoring workflows.Coordinate vendor risk management processes, including onboarding approval workflows, security assessments, and offboarding procedures.Prepare and deliver monthly and quarterly compliance reports (e.g., vulnerability, risk, and change management).Oversee privacy assessments and maintain certifications under frameworks such as the Data Privacy Framework (DPF).Conduct annual business impact assessments and contribute to enterprise risk management initiatives.Track contractual compliance obligations and ensure timely fulfillment in collaboration with legal and procurement teams.Support compliance-related initiatives and contribute to organizational policies and procedures as needed.Mentor junior compliance analysts and provide guidance on best practices when required.Requirements and SkillsAdheres to a “trust but verify” philosophy, building strong relationships while maintaining accountability.Detail-oriented, with a can-do, solutions-oriented approach to identifying, documenting, and resolving issues.Obsessive about documentation, ensuring processes are clear, replicable, and well-maintained.Strong critical thinking and problem-solving abilities, with a proactive mindset for improvement.Excellent communication and writing skills, with the ability to convey complex concepts to diverse audiences.Seeker of excellence, with an unrelenting pursuit of process and programmatic improvement.Ethical and unselfish team player, capable of addressing non-compliance effectively and diplomatically.Quick learner, with the ability to independently understand and apply new technologies and compliance frameworks.Education & Experience5+ years of experience in Governance, Risk, and Compliance or a related field, with expertise in managing compliance frameworks such as SOC 2, ISO 27001, and FedRAMP.Advanced understanding of audit principles and practices, including conducting internal control audits and risk assessments.Experience developing and defining standard operating procedures (SOPs) in collaboration with process owners.Proven ability to monitor, interpret, and implement updates to compliance standards.Strong attention to detail and ability to prioritize competing tasks in a fast-paced environment.Preferred Certifications:Certified Information Systems Auditor (CISA)Certified in Risk and Information Systems Control (CRISC)ISO 27001 Lead Auditor or Lead Implementer CertificationAdditional certifications such as CISSP, CIPP/E, or CISM are a plusHiring PolicyThis job description may evolve over time. ISA Consulting is dedicated to diversity and inclusion, ensuring a fair workplace for all, regardless of race, color, religion, gender, national origin, age, disability, or any other protected status.