Senior Security Risk & Compliance Analyst

Senior Security Risk & Compliance Analyst APCO Holdings - 3.2 Norcross, GA Job Details Full-time 1 day ago Benefits Paid holidays Health insurance Dental insurance Paid time off Vision insurance 401(k) matching Qualifications SOC 2 Bachelor's degree Regulatory compliance analysis Full Job Description APCO Holdings partners with dealerships across North America to deliver innovative vehicle protection products and services that enhance the ownership experience for customers and drive growth for our partners. Through our family of brands, we bring together industry expertise, technology, and data-driven insights to help dealers strengthen their finance and insurance performance and build lasting relationships with their customers. Our teams work collaboratively across operations, technology, risk, finance, marketing, and sales to deliver solutions that create measurable value and support the continued growth of APCO and the partners we serve. We are looking for a Senior Security Risk & Compliance Analyst to support and strengthen APCO's security governance, risk, and compliance (GRC) initiatives. In this role, you will help drive compliance efforts, assess security controls, identify risks, and support the organization's ongoing commitment to maintaining a strong security posture and regulatory compliance. What You'll Do Security Compliance & Governance Collaborate across departments to ensure alignment with security compliance frameworks and regulatory requirements (SOC 2, NYCRR, FTC Safeguards Rule, etc.) Conduct security control mapping and compliance reconciliation activities Support the development, implementation, and maintenance of security policies, standards, and procedures Monitor and assess the effectiveness of security controls and compliance initiatives Risk Assessment & Mitigation Identify, assess, and prioritize security risks across systems, processes, and operations Partner with stakeholders to develop remediation plans and mitigation strategies Provide recommendations on security best practices and control implementations Conduct regular security audits and compliance assessments Reporting & Documentation Maintain documentation related to audits, risk assessments, remediation efforts, and compliance activities Prepare reports and dashboards on compliance status, risks, KPIs, and trends for leadership Track remediation efforts and support continuous improvement initiatives Security Awareness & Collaboration Support development and delivery of security awareness and training programs Promote a culture of security awareness and accountability across the organization Stay current on emerging threats, technologies, and evolving regulatory requirements What Makes You Successful You'll be successful in this role if you're highly analytical, detail-oriented, and passionate about security governance and compliance. You're comfortable evaluating risks, identifying gaps, and collaborating across teams to strengthen security controls and processes. You're also a strong communicator who can translate complex compliance and security concepts into actionable guidance for both technical and non-technical stakeholders. You thrive in fast-paced environments and enjoy balancing strategic thinking with hands-on execution. Basic Qualifications Bachelor's degree in Information Security, Information Technology, or a related field 8+ years of experience in IT security or related fields 5+ years of experience in risk management and regulatory compliance 5+ years of experience supporting or leading SOC 2 compliance efforts Strong understanding of security frameworks, controls, and regulatory requirements Preferred Qualifications Professional certifications such as CISSP, CISM, or CISA Experience with compliance frameworks and regulations such as SOC 2, NYCRR, and FTC Safeguards Rule Experience conducting audits, risk assessments, and remediation tracking Experience working in regulated industries such as insurance or financial services This Role Might Be a Great Fit If You… Enjoy identifying risks and improving security processes Thrive in cross-functional, collaborative environments Like balancing technical security concepts with governance and compliance Are motivated by protecting systems, data, and organizational integrity What We Offer Competitive compensation Comprehensive medical, dental, and vision benefits 401(k) with company match Paid time off and company holidays Opportunities for professional growth and certification support A collaborative and security-focused work environment At APCO, the way we work matters just as much as the results we deliver. Our values guide how we work, how we partner, and how we deliver results. We

C.A.R.E. C

ommitted - We build strong, high-trust relationships with our partners and each other. A ccountable - We take ownership of outcomes and hold ourselves to the highest standards of performance and integrity. R esults-Driven - We focus on delivering measurable outcomes that create value for our partners and our business. E xcellent - We strive for excellence in everything we do while balancing short-term performance with long-term success. If you're excited about joining a team that values collaboration, accountability, and continuous improvement, we'd love to hear from you. By submitting your application, you acknowledge that you have read and understand our Privacy Policy and Terms & Conditions . APCO Holdings may collect personal information (such as name, contact details, and employment history) to evaluate your candidacy. We may share this data with our subsidiaries, affiliates, and service providers. We retain applicant data only as long as necessary for the hiring process or as required by law. We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses and identifying potential inconsistencies or verification signals in application materials based on available information. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.