
CLOUDHQ - Audit and Compliance Analyst

CloudHQ
Full-time
On-site
Ashburn, Virginia, United States






Description

 


Who We Are

Our purpose at CloudHQ is to provide flexible, efficient and resilient data center solutions to businesses of all sizes. Our growing organization was founded by the pioneer of data center REITs. CloudHQ has state-of-the-art data center sites located in two Northern Virginia locations, as well as London, Frankfurt, Paris, Milan, and Sao Paulo, and we anticipate exponential growth over the next several years both in the US and abroad.



What The Role Entails


The Audit and Compliance Analyst will help to ensure that activities related to the confidentiality, integrity and availability of information are in compliance with CloudHQ’s information security policies. The Audit and Compliance Analyst identifies various risks (e.g. operational, technical, compliance) to the organization and makes recommendations for corrective action/mitigation of risks.



What You Will Get to Do  


  • Assist in maintaining the information security management program, ISO 27001:2022 certification, SOC 1, SOC 2, CMMC, PCI compliance and all related audits.
  • In coordination with the Director of Audit and Compliance, assist in leading and managing the audit and compliance requirements at each site location. 
  • Assist with creation and administration of training and awareness for all site personnel. 
  • Participate in obtaining and maintaining the required certifications and attestations, and work to ensure compliance with such programs.
  • Serve as a point of contact for audits and regularly report to the ISO Steering Committee.
  • Help create and maintain information security policies and procedures.
  • Assist in selecting and implementing new information security technologies.
  • Create and provide information security awareness training to organization personnel.
  • Oversee information security audits, whether performed by organization or third-party personnel.
  • Communicate information security goals and new programs effectively.
  • Perform internal gap assessments.
  • Assist resource owners and staff in understanding and responding to security audit failures reported by auditors or otherwise identified.
  • Manage policies and procedures to meet ISO, SOC 1, SOC 2, CMMC and PCI standards.
  • Perform reviews of internal and external audits and work with process owners to remediate any non-conformities.
  • Work with process owners to obtain documentation, understand processes, discuss potential issues/deficiencies/findings.



Requirements



What You Bring to The Role  


  • Experience with and a thorough understanding of the requirements and structure of ISO 27001, SOC 1, SOC 2, ISO 14001 and PCI, as deemed necessary by the business.
  • Strong understanding and experience working with Business Process Improvement or Continuous improvement models and processes related to the International Standards Organization (ISO).
  • Knowledge and understanding of relevant legal and regulatory requirements, including GDPR and other data protection regulations.
  • Strong organizational and project management skills with keen attention to detail.
  • Ability to work independently, maintaining a strong work ethic and self-motivation.
  • Strong sense of urgency to accomplish tasks on or ahead of schedule while still maintaining accuracy.
  • Outstanding written and verbal communication skills.
  • Responsible attitude with strong work ethic; leading by example in attendance, attitude and technical work product.
  • Strong teaming skills; works well with internal and external team members and drives execution through collaboration and networking.
  • Adaptable to a fast-paced, changing environment.
  • Ability to manage and collaborate on multiple projects at the same time.
  • Expertise in Microsoft Office suite (e.g. Excel, Word, Outlook).
  • Ability and willingness to work extended hours when required.

 


Our Ideal Candidate Will Also Possess  


  • Bachelor’s degree in a related field, preferred
  • A minimum of three (3) years of experience in Cybersecurity, Audit and Compliance or Risk Management.
  • ISO 27001 Auditor, Certified Information Systems Auditor (CISA), Security+ or other similar Information Security credential related to audit and/or Information Systems Security (or willingness to achieve upon hire).

 


What We Offer


CloudHQ’s people and culture are the most enriching aspects that make us a great place to work. We are strengthened by industry experts who bring extensive knowledge, skill, and experience; leaders who bring vision, innovation and commitment to our people; and an expanding team of individuals who believe in that vision, and bring their best to support their customers and team.

Our employees enjoy competitive compensation and rewarding incentives, comprehensive benefits (medical, dental, vision, life insurance, disability), 401(k) with match, 12 paid holidays, generous PTO, development opportunities, and the ability to closely impact and contribute to the growth of an exceptional organization.



Equal Employment Opportunity


CloudHQ is an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, age, national origin, disability, sexual orientation, gender identity or expression, marital status, genetic information, protected veteran status, or other legally protected status.