Information Security and Compliance Analyst

Description

About Asurity

Asurity Technologies Delivers Industry-leading SaaS Solutions For Lenders To Make Their Processes More Cost Effective, Timely, And Compliant. Some Of Our Offerings Include

• Propel - dynamically generated, compliant mortgage disclosures and closing documents.
• RegCheck - a new software product with API, UI and dashboard capabilities to integrate into lending underwriting and secondary market compliance review workflows.
• Asurity Services - together with our affiliate Sandler Law Group, provide fully outsourced closing services and regulatory expertise.
  
  

Position Overview

We are seeking an Entry-Level Information Security and Compliance Analyst to join our team. Reporting directly to the Chief Information Security Officer (CISO), this role will play a key part in managing client due diligence requests, Requests for Proposal/Information (RFP/RFI) responses, client-driven technology and security audits, and supporting internal compliance initiatives such as SOC 2 audits, security certifications, and vendor assessments.

Key Responsibilities

• Manage and respond to client/vendor due diligence requests, including questionnaires RPF/RFI security sections, and compliance inquiries.
• Maintain and update a centralized library of compliance and security documentation (SOC 2 reports, security policies, penetration test results, etc.).
• Assist the CISO in preparing for and supporting SOC 2 audits, including evidence collection and control documentation.
• Coordinate with internal stakeholders (IT, Legal, Product, and Operations) to ensure timely and accurate responses to compliance and security requests.
• Track and monitor due diligence and compliance deliverables, escalating risks or delays as needed.
• Contribute to continuous improvement of compliance processes, documentation, and knowledge management.
  
  

Requirements

• Bachelor's degree preferred in Information Systems, Business, Risk Management, Political Science, or related field (or equivalent experience).
• Strong organizational and analytical skills with high attention to detail.
• Excellent written and verbal communication skills.
• Ability to manage multiple tasks in a fast-paced environment.
• Proficiency in Microsoft Office Suite; familiarity with collaboration tools (e.g., SharePoint, Confluence, Jira, Slack) a plus.
• Demonstrated interest in information security, vendor risk management, and compliance.
  
  

Preferred (not Required)

• Familiarity with SOC 2, ISO 27001, or similar compliance frameworks.
• Experience completing due diligence or vendor risk questionnaires.
• Coursework or internship in cybersecurity, compliance, or related field.
  
  

What We Offer

• Direct Mentorship and hands-on training under the company's CISO.
• Exposure to real-world information security and compliance frameworks.
• Growth Opportunities within a rapidly expanding SaaS organization
• Competitive compensation and benefits package.