CLOUDHQ - Information Security & Compliance Analyst

About The Position

Requirements

• Minimum of three years of experience in Cybersecurity, Audit & Compliance, Risk Management, or related fields
• Familiarity with ISO 27001, SOC 1, SOC 2, ISO 14001, and ISO 50001 standards (hands-on experience a plus, but willingness to learn is acceptable)
• Basic understanding of Business Process Improvement or Continuous Improvement concepts
• Awareness of relevant legal and regulatory requirements, including GDPR and data protection principles
• Strong organizational and time management skills with attention to detail
• Ability to work independently while collaborating effectively with team members
• Clear written and verbal communication skills
• Responsible, professional attitude and willingness to take initiative
• Comfortable working in a fast-paced, changing environment
• Proficiency with Microsoft Office Suite (Excel, Word, Outlook)

Nice To Haves

• Bachelor’s degree in a related field, preferred
• Certifications in ISO 27001, 14001, 50001 Auditor, Certified Information Systems Auditor (CISA), SOC2 Certification, Security+, or other similar information security credential related to audit and/or information systems security (or willingness to achieve upon hire)

Responsibilities

• Support the maintenance and continual improvement of CloudHQ’s Information Security Management System (ISMS), Environmental Management System (ISO 14001), and Energy Management System (ISO 50001), along with compliance to ISO 27001:2022, SOC 1, and SOC 2
• Partner with the Director of Audit & Compliance to coordinate and manage audit and compliance activities across all site locations
• Assist in developing, delivering, and maintaining security, environmental, and energy awareness and training programs for personnel
• Participate in obtaining, maintaining, and documenting all required certifications, attestations, and audit evidence
• Act as a point of contact for internal and external audits and regularly report compliance status to the ISO Steering Committee
• Contribute to the creation, review, and upkeep of policies, standards, and procedures across security, environmental, and energy programs
• Support the evaluation, selection, and implementation of new security, environmental, and energy management technologies
• Conduct internal gap assessments and support remediation efforts with process owners
• Assist resource owners in understanding and addressing audit findings, non-conformities, and identified deficiencies
• Manage documentation, evidence collection, and compliance activities to meet ISO, SOC, environmental, and energy standards
• Work with process owners to review processes, gather documentation, and discuss potential issues, risks, or findings

Benefits

• CloudHQ’s people and culture are the most enriching aspects that make us a great place to work.
• We are strengthened by industry experts who bring extensive knowledge, skill, and experience; leaders who bring vision, innovation and commitment to our people; and an expanding team of individuals who believe in that vision and bring their best to support their customers and team.
• Our U.S. employees enjoy competitive compensation and rewarding incentives, comprehensive benefits (medical, dental, vision, life insurance, disability), 401(k) with match, 12 paid holidays, generous PTO, development opportunities, and the ability to closely impact and contribute to the growth of an exceptional organization.