Career Opportunities

About the Role

We are looking for a skilled Risk, Compliance & Security Analyst to support our clients across governance, compliance, and operational resilience. This role is ideal for someone who understands how to assess security and business risks, design risk treatment plans, support SOC 2 audits, and contribute to business continuity and disaster recovery programs.

You will work across multiple industries and help organizations strengthen their security posture, reduce exposure, and build trust with customers, auditors, and regulators.

Key Responsibilities

• Conduct Information Security Risk Assessments and develop treatment plans
• Support SOC 2 readiness engagements (gap analysis, evidence collection, control mapping, policy review)
• Assist in Business Continuity & Disaster Recovery (BCDR) planning, testing, and documentation
• Work with technical and business teams to identify risks and recommend controls
• Maintain and document risk registers, audit response materials, and compliance reports
• Contribute to internal and client-facing governance frameworks, policies, and playbooks
• Collaborate with cross-functional teams (security, engineering, legal, operations)

Preferred Skills & Experience

• Experience in risk management, cybersecurity, compliance, or audit.
• Familiarity with SOC 2, ISO 27001, NIST CSF, CIS, or similar frameworks.
• Understanding of business continuity, disaster recovery, or operational resilience.
• Ability to translate technical risks into business-level language.
• Strong documentation, communication, and stakeholder management skills.
• Previous consulting or advisory experience is an advantage but not required.
• Bonus Skills (Nice to Have): Experience with GRC tools (OneTrust, Vanta, Drata, etc.), cloud environments (AWS, Azure, GCP), and relevant Certifications (CRISC, CISA, CC, etc.).

How to Apply

Send your resume to:

📩 info@laflogroup.com

Subject line: Risk & Compliance Analyst – Application