Cybersecurity Compliance Analyst (Cypress, CA)

Method Technologies•Cypress, CA

3d•$85,000 - $115,000•Onsite

About The Position

Ready to kick off 2026 with a new adventure? Method Technologies is on the hunt for our next amazing team member! This candidate loves compliance, cybersecurity frameworks, and the thrill of keeping clients safe… but who also enjoys snacks, sarcasm, and the occasional office shenanigan. Now, I know what you are thinking - this is probably some boring desk job where all you do all day is shuffle papers around and file stuff, in between using one of those big multifunction copiers and taking breaks socializing at the water cooler. Well, I knew you would jump to that totally reasonable conclusion, so my response is this: Who still uses paper? We’re an IT company, everyone. We’re all about that digital technology. I can’t give you a zero-paper promise since not everyone has moved into the 21st century, but we’re getting there. It’s not just a water cooler, we have an entire kitchen. And our snack game is really on point.

Requirements

You live in the Southern California area. Our corporate office is in Cypress. We are currently only considering local candidates.
You have excellent communication skills. Yes, we know everyone says that, but we actually mean it. You’ll be writing reports, emailing clients, and explaining compliance standards without sounding like a robot.
You are vary detail oriented and so detail oriented that punctuation and grammar and spelling mistakes make you cringe and you canot stand it when sentences are butchered and continue to run on like they will never end. You’ll hopefully be so obsessed with the details that you caught all the mistakes in this bullet point as you read it.
You love learning. Compliance changes constantly, cybersecurity frameworks evolve, and clients sometimes ask wild questions. You’re not afraid to speak up, ask questions, or dive into the unknown.
You are ready to take the leap with a Managed Service Provider. You will be busy, IT can be stressful, but what job isn't?
You don’t need to know every compliance framework (HIPAA, GLBA, NIST 800‑171, CMMC, CIS Controls), just one will do. If you know more than one, great. If you know all of them….,are you okay?
You must be able to work full-time, 40 hours a week minimum - this is not a part-time position.
You must live in the Southern California area as this position works in our corporate office in Cypress, CA. We are currently only considering local candidates.
This is not a remote position. You will be working from our Cypress office every day, or dispatched to one of our clients’ sites if needed.
3 years or more of consecutive IT, cybersecurity, compliance, or MSP environment experience is required. We are looking for consistency in your job history as well as qualified professional experience.
Ability to follow verbal and written directions from clients, managers, and peers; ability to follow compliance guidelines for client specific security and operational standards.
IT can't always happen during business hours. After-hours work will happen and is expected from time to time.
You will be corresponding with clients via phone, email, and in person in a professional, yet friendly, manner. But don't be stuffy or act like a robot; you are a human being, act like one.
Driving is a requirement for this position as we often visit our clients in person at their location.

Nice To Haves

Security+ (CompTIA)
CCP (CMMC Certified Professional)
CISA (Certified Information Systems Auditor)
CC (ISC2 Certified in Cybersecurity)
ISC2 CGRC (Certified in Governance, Risk & Compliance)
ISO 27001 Lead Implementer or Auditor

Responsibilities

Ensuring client systems, documentation, and processes align with Method standards and applicable regulations.
Leading conversations with clients to understand their compliance needs (HIPAA, GLBA, NIST 800‑171, CMMC, CIS Controls, oh my!).
Identifying compliance gaps and helping clients fix them (kindly, but firmly).
Assisting with vendor risk/security assessments & compliance questionnaires (because vendors can be chaotic).
Supporting client security awareness and compliance training.
Maintaining our internal compliance framework, policies, and procedures.
Performing internal audits and ensuring reviews are completed on time (audit gremlins are real...you will defeat them).
Preparing compliance reports for leadership and regulatory needs.
Ensuring sensitive data handling and secure documentation practices across all departments.
Monitoring compliance status in internal and external systems and keeping documentation thorough and accurate.
Drafting/updating internal and client‑facing policies (because someone has to write this stuff and write it well).
Evaluating technical controls, at a documentation/governance level, to ensure they match framework requirements.
Supporting vulnerability management by tracking issues, documenting gaps, and following remediation progress.
Using reporting tools & external audit platforms to keep metrics clean and discrepancies squashed.
Assisting with cyber insurance applications (yes, insurers have questions...lots of them).