Job Details
Description
Position Title: Senior Security Analyst
Location: HOUSTON, TX
FLSA Class: EXEMPT
Responsible to: Lead Security Architect
Position Summary: The Senior Security Analyst - Compliance will ensure our organization’s adherence to regulatory requirements, industry standards, and internal policies. The Senior Analyst will collaborate across IT, Security, Legal, Engineering, and Business units to monitor compliance posture, support audits, manage security assessments, and strengthen our risk and compliance framework.
What You’ll Do
- Monitor, assess, and maintain compliance with frameworks such as SOC 2, NIST, and ISO 27001, as applicable.
- Support certification, attestation, and regulatory audit activities.
- Maintain evidence repositories and coordinate responses for internal and external audits.
- Develop, maintain, and enforce security policies, standards, and procedures.
- Educate employees on compliance requirements and best practices.
- Ensure alignment of security operations with company policies and legal obligations.
- Conduct security and compliance risk assessments across systems, vendors, and business processes.
- Support regular vulnerability assessments and penetration testing to identify and address system weaknesses.
- Monitor, prioritize, and manage risks from IT and Operational Technology (OT) environments.
- Track remediation efforts and verify corrective actions are implemented.
- Integrate vulnerability scanning tools for live risk scoring.
- Maintain and manage a centralized risk register tied to controls, with real-time updates.
- Support ongoing compliance training initiatives.
- Communicate regulatory and policy updates to stakeholders.
- Track compliance metrics and prepare regular reports for leadership, IT Security Council, and audit committees, as required.
- Monitor security systems, including SIEM tools, EDR, DLP, IPS systems, and other security tools to identify and respond to potential threats in real time.
- Support investigations of security incidents, perform root cause analysis, and coordinate remediation efforts to minimize impact.
- Maintain and manage updates to policies (e.g. cybersecurity, incident response, disaster recovery) in a centralized, version-controlled repository.
- Escalate non-compliance issues and propose remediation strategies.
- Bachelor’s degree in Information Security, Computer Science, Risk Management, or related field (or equivalent work experience).
- 5+ years of experience in information security, compliance, or risk management, with at least 2 years of experience in a senior or lead role.
- Strong knowledge of regulatory frameworks such as SOC 2, ISO 27001, NIST CSF, GDPR, or CCPA.
- Experience supporting audits, evidence gathering, and compliance assessments.
- Familiarity with GRC (Governance, Risk, and Compliance) platforms (e.g., Drata, OneTrust, Archer, ServiceNow GRC).
- Excellent written and verbal communication skills.
- Relevant certifications such as CISA, CISSP, CISM, or CCSK.
- Experience in cloud security compliance (AWS, Azure, GCP).
- Knowledge of third-party/vendor risk management.
VoltaGrid is an Equal Opportunity Employer that does not discriminate on the basis of actual or perceived race, creed, color, religion, alienage or national origin, ancestry, citizenship status, age, disability or handicap, sex, marital status, veteran status, sexual orientation, genetic information, arrest record, or any other characteristic protected by applicable federal, state or local laws.
Our management team is dedicated to this policy with respect to recruitment, hiring, placement, promotion, transfer, training, compensation, benefits, employee activities, and general treatment during employment.