Security Analyst (GIS Compliance and Resilience)

Kforce's client, a U.S.-based organization operating in a complex manufacturing and enterprise IT environment is seeking a Security Analyst or Senior Security Analyst to support information security compliance and organizational resilience initiatives. This individual contributor role reports to the Director of Compliance and Resilience and plays a key role in strengthening governance, risk, and continuity capabilities across the enterprise. This position is fully remote within the United States, with preference for candidates located in Central or Eastern time zones.

Duties

Control Implementation & Compliance

• Implement and document controls aligned with regulatory and industry frameworks
• Support IT General Controls (ITGCs) for financial reporting
• Assist with compliance efforts across standards including the National Institute of Standards and Technology Cybersecurity Framework (NIST CSF), ISO 27001, PCI DSS, HIPAA, DFARS/CMMC, and privacy regulations
• Conduct compliance reviews, maintain documentation, review SOC reports, and support audit remediation efforts

IT Policy Governance

• Develop and maintain IT and security policies and standards
• Manage policy lifecycle activities within the GRC platform, ensuring alignment with regulatory and control requirements
• Administer policy exceptions and support awareness initiatives

Business Continuity & Disaster Recovery

• Support development and testing of business continuity and disaster recovery programs
• Conduct impact assessments, coordinate tabletop exercises, document results, and track corrective actions
• Maintain documentation to support audit and regulatory needs

Risk Management

• Identify and track compliance and operational risks within the risk register
• Support mitigation planning and report on remediation progress
• 5+ years of hands-on experience in IT Internal Audit, Information Security, Risk Management, Disaster Recovery, Business Continuity, or Operational Resiliency roles
• Working knowledge of established cybersecurity and compliance frameworks (e.g., NIST CSF, ISO 27001, CIS Controls, PCI DSS, HIPAA, DFARS/CMMC)
• Experience supporting IT General Controls and audit readiness activities
• Proven ability to design, test, and maintain disaster recovery and business continuity plans in technically complex environments
• Strong organizational, communication, and cross-functional collaboration skills
• Demonstrated success delivering audit and compliance documentation within defined timelines
• Relevant certifications such as CISA, CISM, CRISC, CISSP, CIA, Security+, ISO 27001 Lead Auditor, or resilience-focused credentials (e.g., CBCP, MBCP, ITIL) preferred

The pay range is the lowest to highest compensation we reasonably in good faith believe we would pay at posting for this role. We may ultimately pay more or less than this range. Employee pay is based on factors like relevant education, qualifications, certifications, experience, skills, seniority, location, performance, union contract and business needs. This range may be modified in the future.

We offer comprehensive benefits including medical/dental/vision insurance, HSA, FSA, 401(k), and life, disability & ADD insurance to eligible employees. Salaried personnel receive paid time off. Hourly employees are not eligible for paid time off unless required by law. Hourly employees on a Service Contract Act project are eligible for paid sick leave.

Note: Pay is not considered compensation until it is earned, vested and determinable. The amount and availability of any compensation remains in Kforce's sole discretion unless

and until paid and may be modified in its discretion consistent with the law.

This job is not eligible for bonuses, incentives or commissions.

Kforce is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.

By clicking “Apply Today” you agree to receive calls, AI-generated calls, text messages or emails from Kforce and its affiliates, and service providers. Note that if you choose to communicate with Kforce via text messaging the frequency may vary, and message and data rates may apply. Carriers are not liable for delayed or undelivered messages. You will always have the right to cease communicating via text by using key words such as STOP.