IT Risk and Compliance Analyst

TL;DR

IT Risk and Compliance Analyst: Evaluating, assessing, and monitoring the firm’s information security standards and regulatory compliance with an accent on ISO27001 audits and client security questionnaires. Focus on maintaining the Information Security Management Program, conducting vendor risk assessments, and driving incident response processes.

Location: Must be based in Washington, DC, and have legal right to work in the U.S. without sponsorship.

Salary: $90,000–$115,000

Company

hirify.global is a global consulting firm that combines academic credentials with business expertise to address complex challenges in economics, disputes, and corporate finance.

What you will do

• Provide ongoing IT security, risk, and compliance advice to business units.
• Complete client security questionnaires and assist with RFI responses.
• Maintain and update Information Security Program policies and procedures.
• Coordinate and participate in ISO27001 annual surveillance and recertification audits.
• Conduct risk assessments for vendors, business partners, and suppliers.
• Drive the security incident response process and support DR/BCP policy maintenance.

Requirements

• Must have legal right to work in the U.S. without company sponsorship.
• Associate Degree or equivalent work experience.
• 3 years of experience in major IT functions such as infrastructure, operations, or application support.
• 3 years of experience with ISO27001 annual surveillance and recertification audits.
• Familiarity with GRC tools and frameworks like SOC2, HIPAA, HITRUST, GDPR, and CCPA.
• Ability to travel for short periods as required by the role.

Culture & Benefits

• Highly visible, client-facing role within a global consulting environment.
• Opportunity to work across diverse industries including Healthcare, Financial Services, and Government Contracts.
• Reimbursement for all travel-related expenses.
• Equal Opportunity Employer committed to a diverse and inclusive workplace.