CLOUDHQ LLC is Hiring a CLOUDHQ - Audit and Compliance Analyst Near Ashburn, VA
Job Type
Full-time
Description
Who We Are
Our purpose at CloudHQ is to provide flexible, efficient and resilient data center solutions to businesses of all sizes. Our growing organization was founded by the pioneer of data center REITs. CloudHQ has state-of-the-art data center sites located in two Northern Virginia locations, as well as London, Frankfurt, Paris, Milan, and Sao Paulo, and we anticipate exponential growth over the next several years both in the US and abroad.
What The Role Entails
CloudHQ is seeking an experienced Audit & Compliance Analyst to support IT audits and assessments and to ensure regulatory compliance within our different business units. This role will assist with commercial compliance self-assessments, support interdepartmental remediation efforts, and manage third-party assessment organizations' assessments for commercial accreditations.
What You Get to Do
•Assist in maintaining the information security management program, ISO 27001:2013 certification, SOC 1, SOC 2, CMMC, PCI compliance and all related audits
•In coordination with the Audit and Compliance Director, assist in managing the audit and compliance requirements at each data center site
•Assist with the creation and administration of information security awareness training for on-site personnel
•Participate in obtaining and maintaining the required certifications and attestations, and work to ensure compliance with related programs
•Serve as a point of contact for audits and regularly report to the ISO Steering Committee
•Support the creation and maintenance of information security policies and procedures
•Research, select and implement new information security technologies
•Oversee information security audits, whether performed by the organization or by third-party personnel
•Apply working knowledge of commercial information security and privacy regulation and policy to articulate customer and control impact and drive alignment to controls
•Perform internal gap assessments
•Assist resource owners and staff in understanding and responding to security audit failures reported by auditors or otherwise identified
•Manage policies and procedures to meet ISO, SOC 1, SOC 2, CMMC and PCI standards
•Perform reviews of internal and external audits and work with process owners to remediate any non-conformities
•Work with process owners to obtain documentation, understand processes, discuss potential issues/deficiencies/findings
Requirements
What You Bring to The Role
•A minimum of three (3) years of experience in a fast-paced project management role and at least two (2) years of exposure to audits
•Experience and a thorough understanding of the requirements and structure of ISO 27001:2013, SOC 1, SOC 2, CMMC and PCI
•Strong understanding and experience working with International Standards Organization (ISO) regulations
•Strong understanding and experience with Business Process Improvement or continuous improvement models and processes
•Knowledge and understanding of relevant legal and regulatory requirements, including GDPR and other data protection regulations
•Experience managing Information Security Management Systems (ISMS)
•Strong organizational and project management skills with keen attention to detail
•Ability to work independently, maintaining a strong work ethic and self-motivation
•Strong sense of urgency to accomplish tasks on or ahead of schedule while still maintaining accuracy
•Outstanding written and verbal communication skills
•Responsible attitude with strong work ethic; leading by example in attendance, attitude and technical work product
•Works well with internal and external team members and drives execution through collaboration and networking
•Adaptable to a fast-paced, changing environment
•Ability to manage multiple projects at the same time
•Expertise in Microsoft Office Suite (e.g. Excel, Word, Outlook)
•Ability and willingness to work extended hours as required
Our Ideal Candidate Will Also Possess
•Certified Information Systems Security Professional (CISSP), ISO 27001 Lead Auditor, ISO 27001 Lead Implementer, Certified Cloud Practitioner, or equivalent certifications (or willingness to achieve upon hire)
•A bachelor's degree in Information Systems Management, Computer Science, Informatics, or other related fields
•Experience building certification roadmaps based on customer requirements, compliance documentation, and ensuring that committed assessments are delivered on schedule
What We Offer
CloudHQ's people and culture are the most enriching aspects that make us a great place to work. We are strengthened by industry experts who bring extensive knowledge, skill, and experience; leaders who bring vision, innovation and commitment to our people; and an expanding team of individuals who believe in that vision, and bring their best to support their customers and team.
Our employees enjoy competitive compensation and rewarding incentives, comprehensive benefits (medical, dental, vision, life insurance, disability), 401(k) with match, 12 paid holidays, generous PTO, development opportunities, and the ability to closely impact and contribute to the growth of an exceptional organization.
Equal Employment Opportunity
CloudHQ is an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, age, national origin, disability, sexual orientation, gender identity or expression, marital status, genetic information, protected veteran status, or other legally protected status.