# Senior Security & Compliance Analyst
**Company:** [Mntn](https://hotfix.jobs/companies/mntn)
**Location:** Remote
**Experience:** 5+ years
**Skills:** Amazon Web Services, GCP, Kubernetes, Sox, Soc2, ISO 27001, GDPR, Grc Tools, Cisa, Cissp
**Posted:** 2026-04-28
> Maintains security and compliance for tech platform, owns SOX/SOC2 audits, refines controls, and responds to customer due diligence. Requires 5+ years experience with standards like SOX/SOC2, cloud knowledge, and certifications like CISA/CISSP.
## Job Description
## What You’ll Do
- Maintain a deep understanding of our platform and its supporting infrastructure and processes, as well as how our compliance obligations apply to that environment.
- Provide responses to and maintain reference material for customer inquiries and due diligence procedures that involve technology compliance and participate in discussions for security and compliance assessments.
- Continuously confirm and refine MNTN’s internal control framework and related documentation (e.g., policies, procedures, narratives, training material) and contribute to ongoing controls development and improvement.
- Own evidence collection for our various audits, especially SOX and SOC2.

## What You’ll Bring
- 5+ years of security or compliance analysis, or assurance/advisory experience, including building controls in the technology space.
- A thorough understanding of technical environments, and the ability to communicate with subject matter experts about technical and operational security controls.
- Experience mapping and rationalizing controls to meet requirements across multiple information security/technology compliance standards (SOX, SOC2, ISO 27001, GDPR, IT General Controls).
- Excellent written and verbal communication skills to communicate details of a security program to a wide spectrum of audiences, including customers.
- Strong analytical skills and attention to detail.
- Flexible and can adapt to a changing environment.
- Self-directed and take initiative on projects and tasks, and in identifying gaps related to security controls, with minimal day-to-day oversight/direction.
- Knowledge of **Amazon Web Services**, **Google Cloud Services**, and **Container technologies**.
- **CISA**, **CISM**, **CISSP**, or related certification.
- Experience using governance, risk management, and compliance (**GRC**) tools.
**Apply:** https://hotfix.jobs/jobs/senior-security-compliance-analyst-at-mntn-39a99511-5058-4481-a208-867d838d991c
**Canonical:** https://hotfix.jobs/jobs/senior-security-compliance-analyst-at-mntn-39a99511-5058-4481-a208-867d838d991c