Job Description

Job Title: Compliance Analyst
Job Number: 20829
Duration of Contract: 6+ Months with potential for long term extension


This is an excellent opportunity for candidates looking to secure a fully remote position!

Our client has an immediate need for a Compliance Analyst to join their team! The ideal candidate in this role will have proven experience mitigating and evaluating internal risk.

Opportunity Overview:
  • Frequently collaborates with internal engineering and product teams to roll out new technologies for compliance.
  • Supports compliance programs, working with teams and organizations to drive the auditing process, change requests and remediation activities.
  • Facilitate and verify SOC2 and ISO27001 evidence and artifacts per SOC2 and ISO27001 continuous monitoring requirements for each SOC2 and ISO27001 customer.
  • Contribute SOC2 and ISO27001-specific input and assist with SOC2 and ISO27001 pre-audit and post-audit activities.
  • Contribute SOC2 and ISO27001-specific input to the System Security Plan.
  • Ensure the System Security Plan (SSP) is updated to reflect changes as they arise and that the changes are reviewed and approved before being incorporated into the SSP.
  • Work with leadership in developing SOC2 and ISO27001
  • Monitors POA&M, Compliance POA&M, Significant Change Requests, Operational Requirement Requests, and any other documentation required by a sponsoring agency or the SOC2 and ISO27001 PMO.

Qualifications & Required skills:
  • Proven experience with Federal Risk and Authorization Management Program requirements and their implementation originating from NIST SP 800-53 Rev 4, NIST SP 800-37, FISMA (Federal Information Systems Management Act), NIST RMF (Risk Management Framework), NIST FIPS 199 & Data Classification
  • 2+ years of relevant experience in information security or compliance in a SOC2 and ISO27001 environment with experience supporting certification programs for the US public sector, specifically FedRAMP (NIST SP800-53 R4, SP800-37, STIGs, etc.)
  • Hands-on experience working with cloud solutions to monitor and enforce compliance in compliance-governed or regulated environments
  • Understanding of information security and security governance, risk and compliance frameworks, methodologies, and practices, especially those unique to the SOC2 and ISO27001 space
  • Experience communicating compliance requirements with technical and non-technical individual business
  • Working knowledge of IT processes, IT compliance, IT frameworks, such as SOX, SSAE 16 - SOC 1 & SOC 2, PCI compliance, NIST, DIACAP, FedRAMP, ISO 27001 & ISO 27002
  • Evaluating risk and communicating risk in a fact-based manner
  • Cloud or SaaS experience

Work location and Additional Info:
Fully remote

Overture Partners is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, national origin, disability, sexual orientation, gender identity or expression, marital status, genetic information, protected veteran status, or other factors protected by federal, state, and/or local law.
