CLOUDHQ - Information Security Analyst - Compliance

Who We Are

Our purpose at CloudHQ is to provide flexible, efficient and resilient data center solutions to businesses of all sizes. Our growing organization was founded by the pioneer of data center REITs. CloudHQ has state-of-the-art data center sites located in two Northern Virginia locations, as well as London, Frankfurt, Paris, Milan, and Sao Paulo, and we anticipate exponential growth over the next several years both in the US and abroad.

What The Role Entails

The Information Security Analyst – Compliance will help to ensure that activities related to the confidentiality, integrity and availability of information are in compliance with CloudHQ’s information security policies. The Audit and Compliance Analyst identifies various risks (e.g. operational, technical, compliance) to the organization and makes recommendations for corrective action/mitigation of risks.

What You Will Get To Do

• Assist in managing and maintaining CloudHQ's compliance with security standards, including ISO 27001, SOC 1, SOC 2, CMMC, and PCI, NIST, as well as supporting related audits.
• Support the Director of Audit and Compliance in overseeing site-specific compliance activities.
• Develop and deliver security awareness training and related materials to all personnel.
• Participate in the certification and attestation processes for regulatory and contractual compliance programs.
• Serve as a liaison for internal and external audits and provide regular updates to the ISO Steering Committee.
• Draft, review, and update information security policies and procedures.
• Assist in evaluating, selecting, and implementing security technologies to enhance compliance efforts.
• Perform internal gap assessments and support corrective actions for identified non-conformities.
• Collaborate with process owners to gather documentation, evaluate workflows, and resolve compliance issues or audit findings.
• Ensure policies and procedures align with standards such as ISO, SOC 1, SOC 2, CMMC, and PCI.

What You Bring to The Role

• Degree in Cybersecurity, Information Systems, IT, or a related field.
• At least three (3) years of experience in cybersecurity, compliance, or risk management.
• Experience and a thorough understanding of the requirements and structure of ISO 27001, SOC 1, SOC 2, ISO14001 and PCI as deemed by business.
• Strong understanding and experience working with Business Process Improvement or Continuous improvement models and processes related to the International Standards Organization (ISO).
• Knowledge and understanding of relevant legal and regulatory requirements, including GDPR and other data protection regulations.
• Strong organizational and project management skills with keen attention to detail.
• Ability to work independently, maintaining a strong work ethic and self-motivation.
• Strong sense of urgency to accomplish tasks on or ahead of schedule while still maintaining accuracy.
• Outstanding written and verbal communication skills.
• Responsible attitude with strong work ethic; leading by example in attendance, attitude and technical work product.
• Strong teaming skills; works well with internal and external team members and drives execution through collaboration and networking.
• Adaptable to a fast-paced, changing environment.
• Ability to manage and collaborate on multiple projects at the same time.
• Expertise in Microsoft office suite a (e.g. Excel, Word, Outlook).
• Ability and willingness to work extended hours when required.

Our Ideal Candidate Will Also Possess

• Certifications such as ISO 27001 Auditor, Certified Information Systems Auditor (CISA), or Security (or willingness to achieve certification upon hire).

What We Offer

CloudHQ’s people and culture are the most enriching aspects that make us a great place to work. We are strengthened by industry experts who bring extensive knowledge, skill, and experience; leaders who bring vision, innovation and commitment to our people; and an expanding team of individuals who believe in that vision, and bring their best to support their customers and team.

Our employees enjoy competitive compensation and rewarding incentives, comprehensive benefits (medical, dental, vision, life insurance, disability), 401(k) with match, 12 paid holidays, generous PTO, development opportunities, and the ability to closely impact and contribute to the growth of an exceptional organization.

Equal Employment Opportunity

CloudHQ is an equal employee opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, age, national origin, disability, sexual orientation, gender identity or expression, marital status, genetic information, protected veteran status, or other legally protected status.