Senior IT Security & Compliance Analyst

Job Description

Insight Global are seeking a Senior IT Security & Compliance Analyst to support and strengthen global security and compliance initiatives across a leading international cruise line brand. This role sits within IT Risk & Compliance and is responsible for ensuring the organisation meets key regulatory requirements such as SOX and PCI, while proactively identifying risks and driving remediation across technical teams. You’ll partner closely with security, IT, audit, and business stakeholders to improve the overall security posture and build a mature, scalable compliance framework.

Please note, this is a 12 month contract with likelihood of extensions. This position would require you to be onsite on a hybrid basis out of the office in Miami.

What You’ll Be Doing:

• Drive prioritisation of security and compliance remediation using a risk-based approach
• Coordinate annual audits and compliance reviews (SOX, PCI, etc.), including planning, execution, and reporting
• Identify, assess, and escalate security risks, ensuring clear ownership and mitigation plans
• Collect and validate audit evidence to ensure ongoing compliance readiness
• Track remediation activities and hold teams accountable for resolving gaps
• Provide regular status reporting to leadership on risks, controls, and compliance progress
• Act as a security advocate, ensuring alignment with internal policies and corporate standards
• Support process improvement initiatives to enhance compliance workflows and efficiency
• Partner with internal teams to deliver training and improve awareness of security and compliance
• Communicate technical concepts clearly to both technical and non-technical stakeholders

Must Haves:

• Strong experience in IT Compliance, Information Security, IT Audit, or GRC
• Strong experience working with SOX, PCI, or similar regulatory frameworks
• Background in risk assessment, audit coordination, and remediation tracking
• Proven ability to work cross-functionally and drive outcomes without direct authority
• Strong communication skills, be able to translate technical concepts into plain English
• Experience working with audit evidence, controls, and compliance documentation

Nice to Have:

• Experience with GRC tools (e.g. ServiceNow, Archer)
• Experience with data/reporting tools (e.g. Power BI, SQL)
• Exposure to frameworks such as ISO 27001, NIST, or CIS
• Certifications such as CISA, CISM, or CISSP
• Experience working in global or highly regulated environments