Security Analyst (GRC & Security Operations)

Position Title: Security Analyst (GRC & Security Operations) Location: Remote (US) Pay Rate: $45.00 / Hourly Work Schedule: Part-time Department: Security Operations Reports To: Senior Manager, Security Engineering & Compliance Travel: Minimal Work Environment: Professional office setting FLSA Status: Exempt Benefits: This position is eligible for medical, dental, vision, and 401(k).

About the Role

Addison Group is partnering with our client, a fast-growing leader in supply chain resilience and risk management, to identify a Security Analyst (GRC & Security Operations) who will support the security program across governance, risk, compliance, and day-to-day security operations. This role offers hands-on exposure to real-world security challenges while working closely with senior and principal security engineers. As the organization continues to scale, this position will play an important role in supporting increasing security needs and requires someone who is highly motivated, detail-oriented, and comfortable working across both compliance and operational security workflows.

Responsibilities

Governance, Risk & Compliance (GRC)

• Assist with SOC 2 and other compliance frameworks by collecting, organizing, and maintaining audit evidence
• Respond to customer security questionnaires and RFI requests with accuracy and attention to detail
• Maintain risk registers and remediation tracking to ensure issues are documented and progress is visible
• Support periodic risk assessments and internal control reviews
• Help update and maintain security policies, standards, and procedures

Security Operations (SecOps)

• Monitor security alerts and escalate incidents following established procedures
• Assist with incident response investigations and contribute to post-incident reviews
• Support phishing simulations and security awareness initiatives
• Track vulnerability findings and remediation efforts across teams
• Maintain security dashboards and operational metrics

Cloud & Application Security Support

• Assist senior engineers with validating cloud security configurations
• Document cloud security controls, processes, and operational procedures
• Support vendor and third-party security reviews and risk assessments

Qualifications

• 1–3 years of experience in information security, IT, or compliance roles
• Foundational understanding of security principles and risk management concepts
• Strong analytical, documentation, and communication skills
• Self-motivated and detail-oriented with the ability to manage priorities in a fast-paced environment
• Bachelor’s degree required

Nice-to-Have

• Exposure to SOC 2, NIST 800-171, or ISO 27001 frameworks
• Familiarity with AWS or other cloud environments
• Familiarity with Microsoft enterprise tools
• Experience with SIEM, phishing simulation tools, or vulnerability management platforms
• Security certifications such as Security+

Top 3 Technical Skills

• SOC 2 and compliance evidence collection with strong documentation habits
• Risk management fundamentals including risk registers, remediation tracking, and control reviews
• Security operations fundamentals including alert monitoring, incident escalation, vulnerability tracking, and phishing support

Recruiter Screening Questions

• Walk me through your experience supporting SOC 2 or similar compliance frameworks. What evidence did you collect and how did you organize it?
• Have you maintained a risk register or remediation tracking? How did you track progress and communicate status?
• Tell me about your experience monitoring security alerts or supporting incident response. What was your escalation process?

Additional Recommended Questions

• Describe a time you responded to a customer security questionnaire or RFI. How did you ensure accuracy and timeliness?
• Describe a time you supported vulnerability management or phishing simulations. What tools did you use and how did you report results?

Addison Group is an Equal Opportunity Employer. Addison Group provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, national origin, age, disability, genetic information, marital status, amnesty, or status as a covered veteran in accordance with applicable federal, state and local laws. Addison Group complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities. Reasonable accommodation is available for qualified individuals with disabilities, upon request. IND 005-009 Apply tot his job Apply To this Job