




Summary: We are seeking a detail-oriented Security Compliance Analyst to join our Risk and Security team, focusing on product security infrastructure and third-party vendor security posture.

Highlights:

1. Continuously improve customer due diligence and vendor risk management practices
2. Key role in supporting sales lifecycle and internal resource for various teams
3. Monitor compliance with internal security standards and regulatory requirements

**Whether you’re an experienced professional or just getting started, your contributions matter at Fortra. If you’re passionate about tackling meaningful challenges alongside talented team members committed to helping each other succeed, all while having lots of fun, we want to hear from you. We offer competitive benefits and salaries, personal and professional development opportunities, flexibility, and much more!**

We are seeking a detail-oriented Security Compliance Analyst to join our Risk and Security team. This role combines deep knowledge of Fortra’s product security infrastructure with the evaluation of third-party (vendor) security posture. The ideal candidate will be responsible for continuously improving the customer due diligence process and vendor risk management practices to ensure compliance with security and risk management requirements. This position plays a key role in supporting the sales lifecycle and serves as an internal resource for Legal, People Experience, IT, DevSecOps and Security Audit.

**WHAT YOU'LL DO**

* Be a primary point of contact to internal sales/support for security compliance requirements.
* Evaluate and respond to customer security requests such as questionnaires, documentation requirements, and contract reviews.
* Join customer calls to explain Fortra’s technical and procedural controls and address security program questions in a clear and professional manner.
* Scope and align policy, controls, and processes with customer request objectives.
* Perform remediations, reply to customer follow-up for security issues and join customer calls, working cross-functionally with Sales, Product Management, and DevSecOps.
* Utilize RFP tools to update Fortra’s security knowledge base and maintain required documentation.
* Enhance Security Compliance responsibilities by accepting ownership of accomplishing new and unique requests.
* Review customer contract requirements for Security, DORA, Technical Operational Measures, and other addendums or exhibits to align with Fortra’s controls and practices.
* Conduct vendor security reviews of prospective, new and existing vendors using Fortra’s GRC platform to send and review questionnaires and security documentation.
* Monitor compliance with internal security standards, industry best practices, and regulatory requirements (e.g., SOC 2, ISO 27001, NIST, CIS).
* Continuously monitor high-risk vendors, vendors whose scorecard drops significantly, and other vendor risks via a third-party platform.
* Document and report findings, recommend remediation, escalate as appropriate, and track resolution through completion.

**QUALIFICATIONS**

* Proficiency in reading and writing in the English language, with the ability to explain complex security concepts to technical and non-technical stakeholders.
* Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent work experience).
* Minimum 2 years direct experience or related background in technical support, risk management, IT/Security audit, or relevant experience within the software industry.
* Hands-on experience with GRC tools (Vanta, Hyperproof, OneTrust, Hypercomply, Responsive, Loopio, etc.).
* Familiarity with Cloud hosting infrastructure (AWS, Azure, GCP).
* Knowledge of frameworks such as SOC 2, NIST, ISO 27001, FedRAMP or CIS Benchmarks.
* Knowledge of legal and regulatory requirements such as EU AI Act, DORA, GDPR, and NIS2.
* Understanding of vulnerability management and of reviewing security documentation such as SOC 2 reports, SIG/CAIQ questionnaires, InfoSec Policies, Business Continuity Plans, etc.
* Strong analytical and communication skills, with the ability to document technical issues and collaborate across teams.

**PREFERRED SKILLS**

* Industry certifications such as Security+ and GSEC.
* Experience working for a Cybersecurity organization.
* Experience working for a Global organization supporting customers across multiple time zones.
* Identifying gaps and maturing Security Compliance Programs at an Enterprise Level.

At Fortra, we’re breaking the attack chain. Ready to join us? Visit our website to learn more about why employees choose to work for Fortra. Remember to connect with us on LinkedIn.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, veteran or disability status.


