Qureos

Senior Security Compliance Analyst

Position Description
Position Title: Senior Security Compliance Analyst
Department: R&D Development Team
Location: Alpharetta, GA (Hybrid 3 days in office)
Reports to: Chief Information Security Officer

Job Scope and Accountabilities:
The Senior Security Compliance Analyst is a highly experienced individual contributor responsible for supporting and advancing Kahua’s enterprise security compliance and risk initiatives. Reporting directly to the Chief Information Security Officer, this role plays a critical part in ensuring the company’s adherence to complex regulatory and customer requirements across frameworks such as FedRAMP, SOC 2 Type 2, ISO 27001, and other certifications or authorizations as needed.
This individual will work closely with the Manager of Risk and Compliance to coordinate cross-functional compliance initiatives, ensure audit readiness, and assist with control implementation efforts. In addition to compliance program expertise, the ideal candidate brings architectural-level security insight, demonstrating a solid understanding of how controls apply across interconnected systems, applications, networking components, endpoints, and cloud services.
This role requires strong technical acumen to quickly gain a deep understanding of Kahua’s infrastructure, platforms, and security posture in order to support audits and respond effectively to customer security assessments. It is a high-impact role for a security professional who thrives in a fast-paced, high-growth SaaS environment and can balance tactical execution with long-term strategic thinking.
U.S. Citizenship is required for this position, and the candidate must be able to pass an initial employment and government background check to support HSPD-12 clearance eligibility.
Key Responsibilities:
  • Drive and support ongoing security compliance activities across multiple frameworks, including FedRAMP, SOC 2 Type 2, ISO 27001, and additional certifications or attestations as required.
  • Manage audit preparedness, evidence collection, documentation accuracy, and control lifecycle activities across internal teams.
  • Translate regulatory and contractual requirements into technically sound, operationally feasible controls in coordination with technical stakeholders.
  • Work closely with Engineering, DevOps, IT, and Product teams to evaluate, enhance, and validate the technical implementation of security controls in platforms such as Microsoft 365, Entra ID, and Microsoft Defender.
  • Collaborate with the Manager of Risk and Compliance to track third-party risk management activities, coordinate internal risk assessments, and maintain continuous compliance operations.
  • Serve as a key resource in responding to customer security assessments and questionnaires, demonstrating deep understanding of Kahua’s infrastructure, control implementations, and technical security posture.
  • Analyze existing system architecture and operational processes to recommend improvements in security control design and implementation.
  • Assist in maintaining and improving Kahua’s Information Security Management System (ISMS), policy governance process, and risk register.
  • Support monthly compliance meetings, track program-level metrics, and contribute to long-term compliance strategy planning and reporting.
Education & Professional Experience:
  • Bachelor’s degree in Information Security, Information Systems, Computer Science, or a related field (or equivalent practical experience).
  • 5+ years of experience in information security, risk management, or compliance roles, with direct responsibility for one or more major security frameworks (e.g., FedRAMP, SOC 2, ISO 27001, NIST 800-53).
  • Strong working knowledge of Microsoft cloud and enterprise technologies, including Microsoft 365, Entra ID, Teams, and Microsoft Defender.
  • Demonstrated ability to assess, design, and validate security controls in technical environments aligned to compliance frameworks.
  • Experience supporting compliance program operations in a SaaS or regulated cloud environment.
  • Security-related certifications preferred (e.g., CISSP, CISA, CISM, CCSP, or ISO Lead Auditor/Implementer).
Interpersonal & Business Skills:
  • Exceptional written and verbal communication skills; capable of engaging technical and non-technical audiences effectively.
  • High level of accountability, self-direction, and ability to work both independently and collaboratively.
  • Strong organizational and documentation skills, with attention to precision and consistency.
  • Ability to manage multiple projects or tasks simultaneously and adapt to a dynamic environment.
  • Analytical mindset with a problem-solving approach and sound judgment.
  • Collaborative spirit with a willingness to support peers, mentor others, and contribute to a culture of continuous improvement.
  • Alignment with Kahua’s core values of Teamwork, Customer Focus, Continuous Improvement, Performance, and Work-life Balance.
At Kahua, we value a diverse, inclusive workforce and we provide equal employment opportunities for all applicants and employees. All qualified applicants for employment will be considered without regard to an individual’s race, color, sex, gender identity, gender expression, religion, age, national origin or ancestry, citizenship, physical or mental disability, medical condition, family care status, marital status, domestic partner status, sexual orientation, genetic information, military or veteran status, or any other basis protected by federal, state or local laws. If you are unable to submit your application because of incompatible assistive technology or a disability, please contact us at careers@kahua.com.
