GovCloud Compliance Analyst (100% Remote)

With roots dating back to the 1800s, our Customer is a global professional services firm HQ’d in New York City with businesses in insurance brokerage, risk management, reinsurance services, talent management, investment advisory, and management consulting. Today, they are a unique group of businesses with many enduring competitive advantages. Among them are the quality of their colleagues, deep client relationships, vast global footprint, depth of intellectual capital, and cohesive and collaborative culture.

We are seeking a GovCloud Compliance Analyst on a contract basis to support our Customer’s business needs. This role is 100% remote.

The GovCloud Compliance Analyst is responsible for ensuring regulatory compliance and audit readiness across GovCloud environments. This role focuses on implementing and validating security controls, managing evidence within governance systems, and coordinating authorization and assessment activities aligned with federal and state compliance frameworks.

Responsibilities:

• Own assigned control families and maintain control evidence within AuditBoard or similar GRC tools, maintaining at least 65% evidence attachment completeness.
• Perform control assessments and internal validations on a quarterly or as-needed basis.
• Map inherited and system-specific controls to canonical compliance frameworks and update documentation accordingly.
• Partner with engineering, risk, and platform teams to track ATO/SA&A milestones, maintaining readiness dashboards and escalating blockers promptly.
• Prepare audit documentation packets and evidence bundles for external and customer audits, ensuring 100% on-time deliverables.
• Identify and document compliance gaps, propose remediation actions, and track closure of high/critical findings within defined SLA timelines.
• Contribute to Power BI dashboards and compliance reports to visualize control health, evidence SLAs, and audit cycles.
• Maintain and update policies, procedures, and governance documentation tied to assigned controls.

Skills and Qualifications:

• Bachelor’s degree in Information Security, Computer Science, Risk Management, or related discipline.
• 3+ years of experience in compliance, IT risk management, or audit within regulated cloud environments (e.g., AWS GovCloud, Azure Government).
• Working knowledge of NIST SP 800-53 Rev 5, FedRAMP, and StateRAMP; familiarity with MARS-E or ARC-AMPE is a plus.
• Hands-on experience with GRC platforms (AuditBoard preferred) and evidence management processes.
• Strong technical writing and communication skills, with the ability to explain control and audit results to both technical and non-technical stakeholders.

Preferred:

• Experience supporting Authorization to Operate (ATO) or Security Assessment & Authorization (SA&A) activities.
• Certifications such as CISA, CISSP, CRISC, or Security+.
• Experience with Power BI or advanced Excel for KPI and compliance metric reporting.
• Familiarity with ADO or similar IT ticketing/change management systems.

We offer a competitive salary range for this position. Most candidates who join our team are hired at the median of this range, ensuring fair and equitable compensation based on experience and qualifications.

Contractor benefits are available through our 3rd Party Employer of Record (Available upon completion of waiting period for eligible engagements) Benefits include: Medical, Dental, Vision, 401k.

An Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability.