eTeam
Job Title: Compliance & Governance Associate
Location: San Antonio, TX
Duration: 6 Months
Position Summary:
We are seeking a driven and detail-oriented Compliance & Governance Associate with a focus on cybersecurity to support the implementation and enforcement of our security compliance and risk management initiatives. This role is critical in ensuring adherence to cybersecurity standards, regulatory requirements, and internal policies to protect our digital infrastructure and sensitive information.

Key Responsibilities:
Assist in the implementation and monitoring of cybersecurity compliance programs, including NIST, ISO 27001, SOC 2, PCI-DSS, and other regulatory frameworks.
Support internal and external audits by gathering evidence, coordinating responses, and maintaining accurate audit documentation.
Help develop and maintain cybersecurity policies, standards, procedures, and controls.
Track and document compliance gaps, and assist in managing risk remediation activities across departments.
Collaborate with IT, Legal, and Security teams to ensure alignment with data protection regulations such as GDPR, HIPAA, or CCPA.
Monitor for changes in relevant cybersecurity regulations and standards, and help assess their impact on the organization.
Maintain governance records, such as risk registers, control matrices, and incident response documentation.
Assist in the creation and delivery of cybersecurity awareness training programs for employees.
Participate in vendor risk assessments and due diligence for third-party services.

Qualifications:
Bachelor's degree in Cybersecurity, Information Technology, Business, or a related field.
1-3 years of experience in cybersecurity compliance, risk management, or GRC (Governance, Risk, and Compliance).
Familiarity with cybersecurity frameworks such as NIST, ISO/IEC 27001, CIS Controls, SOC 2, or similar.
Basic understanding of regulatory requirements like HIPAA, GDPR, or CCPA.
Strong organizational, analytical, and problem-solving skills.
Excellent communication and collaboration abilities.
Proficiency in Microsoft Office and familiarity with GRC tools (e.g., RSA Archer, ServiceNow GRC, OneTrust, LogicGate) is a plus.

Preferred Certifications (a plus, not required):
CompTIA Security+
Certified Information Systems Auditor (CISA)
Certified in Risk and Information Systems Control (CRISC)
Certified Information Security Manager (CISM)
ISO 27001 Lead Implementer or Auditor