Information Security Compliance Analyst

🕒 March 31

🇺🇸 United States – Remote

💵 $61.7k - $87.6k / year

⏰ Full Time

🟡 Mid-level

🟠 Senior

🔐 Security Analyst

🦅 H1B Visa Sponsor

This company has sponsored H1B visas in the past.

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

CivicPlus

WebsiteLinkedInAll Job Openings

501 - 1000 employees

Founded 2001

📋 Compliance

🏛️ Government

☁️ SaaS

Compliance • Government • SaaS

CivicPlus is a leading provider of technology solutions for local governments, aimed at transforming the way municipalities operate and engage with their residents. With over 25 years of experience, CivicPlus offers a broad range of software solutions designed to automate processes, digitize services, and enhance civic experiences, all while ensuring compliance and accessibility. Their offerings include municipal websites, mass notification systems, social media archiving, 311 CRM system, and agenda and meeting management, among others. CivicPlus focuses on delivering a modern government experience, providing flexible, scalable, and customizable solutions to meet the complex needs of public sector operations. Their technology is trusted by over 10,000 local governments and is designed to improve communication, streamline workflows, and increase civic participation and satisfaction.

📋 Description

• Maintain and update information security policies, standards, and procedures in alignment with modern cybersecurity frameworks and regulatory requirements, including GovRAMP, FedRAMP, ISO 27001, PCI DSS, and SOC 2. • Maintain System Security Plans (SSPs) to ensure system boundaries, control implementations, and control inheritance accurately reflect the current state of production systems. • Coordinate and manage internal and external compliance assessment activities, including audit planning, audit fieldwork coordination, evidence collection and preservation, and support of audit responses. • Manage continuous monitoring activities, including tracking, updating, and reporting Plan of Actions and Milestones (POA&Ms) to support risk remediation and security posture communication. • Support risk assessments and control gap analyses by identifying security and compliance deficiencies and collaborating with stakeholders to define remediation approaches. • Define, track, and report key compliance metrics to measure program effectiveness and communicate compliance posture to leadership and governance committees. • Partner closely with engineering, operations, and production teams to ensure security requirements are documented, implemented consistently, and remain audit-ready across systems. • Develop and maintain audit-ready evidence repositories to support repeatable, efficient compliance assessments and reduce audit cycle time. • Provide guidance to system owners and control owners on compliance expectations, documentation standards, and control implementation requirements.

🎯 Requirements

• Bachelor’s degree in Cybersecurity, Information Security, Information Systems, or a related field (preferred), or equivalent professional experience. • 3–5 years of experience in information security compliance, cybersecurity assurance, GRC, or a related field. • Demonstrated experience managing System Security Plans (SSPs) and supporting documentation for enterprise systems. • Experience supporting compliance audits and certifications, including NIST 800-53 (FedRAMP/GovRAMP), ISO 27001, PCI DSS, and/or SOC 2. • Strong understanding of modern information security compliance frameworks and control-based security programs (e.g., NIST 800-53, ISO 27001, SOC 2). • Ability to interpret regulatory and compliance requirements and translate them into clear, actionable documentation. • Strong analytical, writing, and organizational skills with exceptional attention to detail. • Ability to manage multiple compliance activities concurrently while meeting deadlines and quality expectations. • Certifications Security+, GSEC, or equivalent certification preferred.

🏖️ Benefits

• Comprehensive health insurance • Dental insurance • Vision insurance • Flexible Time Off • 401(k) plan