Cybersecurity Compliance Analyst

About The Position

Requirements

• Bachelor’s degree in information security, Information Technology, or related field, or equivalent experience on a year-for-year basis.
• Minimum of five (5) years of experience in cybersecurity governance, risk management, or compliance.
• Experience implementing RMF and security authorization processes.
• Experience working with enterprise GRC and IT service management tools.
• Knowledge of information security principles, compliance frameworks, security policies, standards, procedures, audit support practices, and third-party security review concepts.
• Skill in reviewing, organizing, and maintaining security documentation; conducting research; tracking compliance activities; supporting audits, remediation, and procurement-related security tasks; and coordinating with stakeholders to support timely completion of assigned work.
• Communication and Leadership Skills.
• Ability to analyze information, identify documentation gaps, communicate clearly with stakeholders, apply security requirements consistently, coordinate activities across technical and business teams, and support organized execution of compliance-related efforts.
• Ability to compile, order, analyze and correlate technical and non-technical information.
• Ability to understand, interpret and evaluate evidentiary materials in relation to security NIST 800-53, DIR, Privacy and Legal requirements.
• Ability to interpret regulatory and technical security requirements.
• Ability to perform documentation management and audit evidence preparation.
• Ability to perform process improvement and governance maturity development.
• Ability to communicate technical risk in business terms.
• Ability to perform facilitation of governance forums and working sessions.
• Ability to perform stakeholder engagement across technical and executive levels.
• Ability to communicate clearly verbally and in writing.
• Ability to maintain confidentiality of security and integrity of critical infrastructure systems by ensuring compliance with laws and regulations.

Nice To Haves

• Project Management Professional (PMP) or equivalent.
• Micro-credentials in Policy Analysis, Governance, or Risk Management
• Certified Paralegal (CP)
• Experience in public sector or healthcare security governance environments.

Responsibilities

• Assists with administration of the information security compliance program by supporting monitoring activities, documentation review, and coordination of compliance-related tasks.
• Reviews regulatory, statutory, and agency requirements to determine applicability and supports communication of resulting compliance obligations to relevant stakeholders.
• Maintains compliance-related records, trackers, and supporting documentation to promote consistency, traceability, and audit readiness.
• Provides staff support for governance activities by compiling information, preparing materials, and coordinating follow-up actions related to compliance initiatives.
• Conducts detailed research and review of technical and non-technical information, evidentiary materials, and supporting documentation, applying legal research and analysis methods to identify, organize, analyze, and correlate information for compliance with NIST SP 800-53, Texas Department of Information Resources (DIR) requirements, Criminal Justice Information Services (CJIS) Security Policy requirements, privacy requirements, applicable legal standards, and proposed legislative impacts.
• Assists in the review and maintenance of security policies, processes, and standards to support alignment with TAC 202, enterprise security requirements, and operational needs.
• Confirms security, regulatory, data, or privacy and identifies gaps or inconsistencies in existing policies, processes, standards, and publications by monitoring changes in regulatory requirements, industry practices, and technologies.
• Conducts research on security topics and emerging technologies (e.g., Cloud, AI) and supports incorporation of findings into updated policies, processes, standards, and publications.
• Supports updates and revisions to policies, processes, standards, and publications, ensuring artifacts remain current and aligned with compliance requirements.
• Assists in documenting security implementation guidance and contributes to published standards and procedural materials that support consistent and auditable practices.
• Contributes to the development and maintenance of IT publications, including procedures, guidelines, and reference materials.
• Supports audit coordination activities by assisting in the collection, review, and organization of evidence aligned to policies, processes, standards, and publications.
• Reviews documentation to ensure consistency with established security policies, documented procedures, and standards, escalating discrepancies as needed.
• Assists stakeholders in responding to audit requests and remediation activities by referencing applicable policy, process, standard, and publication artifacts.
• Tracks audit findings and support remediation efforts through updates to policies, processes, standards, and published guidance.
• Assists in reviewing third‑party security documentation (e.g., DUAs, MOUs) to ensure alignment with agency policies, processes, standards, and published security requirements.
• Supports procurement and contract review activities by helping verify that required security standards and policy-based controls are documented in vendor deliverables.
• Helps ensure that security expectations are referenced through standards and formal security publications where applicable.
• Works collaboratively with internal teams (security, IT, legal, procurement, and business units) to support consistent implementation and understanding of security policies, processes, standards, and publications.
• Performs other duties as assigned within the scope of the position.

Benefits

• 100% paid employee health insurance for full-time eligible employees
• A defined benefit pension plan
• Generous time off benefits
• Numerous opportunities for career advancement