Position Overview
We are seeking a Security Compliance Specialist to ensure that NexStratus operates securely and in full compliance with industry standards, frameworks, and regulatory requirements. This role will work cross-functionally to implement, monitor, and maintain compliance processes that align with enterprise-grade security expectations.
The Security Compliance Specialist will play a key role in developing, monitoring, and managing security compliance processes for the NexusAI platform and associated infrastructure. This role requires a strong understanding of compliance frameworks such as HIPAA, GDPR, SOC 2, and ISO 27001. The ideal candidate will combine technical knowledge, policy development expertise, and attention to detail to ensure our platform meets and exceeds client expectations and regulatory requirements.
Key Responsibilities
- Security Compliance Management
  - Develop, implement, and maintain policies and procedures to ensure compliance with industry standards, including HIPAA, GDPR, SOC 2, and ISO 27001.
  - Collaborate with Security Architects, DevOps, and engineering teams to integrate compliance requirements into platform design and development.
  - Perform regular risk assessments and gap analyses to identify areas for improvement and mitigate compliance risks.
  - Monitor and document ongoing compliance efforts to support audits and client requirements.
- Audit Readiness & Support
  - Prepare for and manage external audits, working with third-party auditors to ensure successful completion of security and compliance certifications (e.g., SOC 2 Type II).
  - Maintain comprehensive documentation of security controls, policies, and processes to demonstrate compliance with applicable frameworks.
  - Facilitate internal reviews and mock audits to ensure the organization is prepared for regulatory assessments.
- Collaboration & Reporting
  - Work closely with cross-functional teams, including engineering, IT, legal, and product, to align security compliance objectives with business goals.
  - Provide clear, detailed compliance reports to leadership, stakeholders, and clients on the status of security controls and risk mitigation efforts.
  - Respond to client inquiries regarding NexStratus's compliance posture, security certifications, and data privacy measures.
- Security & Privacy Best Practices
  - Stay current on evolving compliance requirements, security trends, and regulatory updates across supply chain, healthcare, and enterprise industries.
  - Ensure adherence to data privacy and protection standards for handling sensitive data, including personal, financial, and healthcare information.
  - Implement and monitor processes for secure data handling, encryption, access controls, and data retention in line with compliance guidelines.
- Training & Awareness
  - Conduct security awareness training for employees to ensure compliance with security policies and promote a culture of security and compliance awareness.
  - Develop and maintain compliance documentation, including policies, SOPs, risk registers, and incident response plans.
Qualifications
Required:
- Bachelor’s degree in Cybersecurity, Information Systems, Law, or a related field.
- 5+ years of experience in security compliance, audit readiness, or IT governance roles.
- Strong knowledge of compliance frameworks, including HIPAA, GDPR, SOC 2, and ISO 27001.
- Familiarity with data privacy regulations and their application in enterprise SaaS environments.
- Hands-on experience performing risk assessments, managing audits, and documenting security processes.
- Ability to collaborate effectively with technical and non-technical teams to align security practices with business goals.
- Strong written and verbal communication skills, with experience developing compliance documentation and reporting to leadership.
Preferred:
- Professional certifications such as CISSP, CISA, CISM, CHP (Certified HIPAA Professional), or ISO 27001 Lead Implementer/Auditor.
- Experience working with enterprise environments that involve systems like TMS, WMS, or ERP.
- Familiarity with cloud security frameworks and standards for platforms like AWS, Azure, or GCP.
- Knowledge of secure AI/ML deployment practices and experience applying compliance to AI-driven platforms.
- Experience handling healthcare data and compliance with frameworks like HL7 and FHIR.
- Experience supporting AI/ML pipelines and data-heavy workflows on cloud platforms.
Why Join NexStratus?
- Gain hands-on experience in consulting with exposure to diverse projects and clients.
- Be part of a forward-thinking team that values creativity, collaboration, and continuous improvement.
- Enjoy opportunities for career advancement and professional growth in a fast-paced industry.
How to Apply?
Interested candidates are invited to submit their resume and a cover letter detailing their experience and why they are the ideal fit for this role to learnmore@nexstratus.com.
NexStratus is an equal-opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.