CLOUDHQ - Information Security & Compliance Analyst at CloudHQ LLC

Ashburn, Virginia, United States -

Full Time

Start Date

Immediate

Expiry Date

10 Apr, 26

Salary

0.0

Posted On

10 Jan, 26

Experience

2 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

Skills

Cybersecurity, Audit, Compliance, Risk Management, ISO 27001, SOC 1, SOC 2, ISO 14001, ISO 50001, Business Process Improvement, GDPR, Documentation, Communication, Organizational Skills, Time Management, Microsoft Office

Industry

Real Estate

Description

Description Who We Are Our purpose at CloudHQ is to provide flexible, efficient, and resilient data center solutions to businesses of all sizes. Our growing organization was founded by the pioneer of data center REITs. CloudHQ has state-of-the-art data center sites located on two Northern Virginia campuses, as well as London, Frankfurt, Paris, Milan, and São Paulo, and we anticipate exponential growth over the next several years both in the US and abroad. Our company’s reach is expanded through our affiliate companies – Cloud Capital, Dalian Development, and WindHQ. What The Role Entails The Information Security & Compliance Analyst supports CloudHQ’s security, audit, and compliance programs by ensuring the confidentiality, integrity, and availability of information assets, as well as compliance with operational and environmental standards. This role helps maintain compliance with ISO 27001:2022, ISO 14001, ISO 50001, SOC 1, SOC 2, and other frameworks, while identifying operational, technical, and compliance risks and driving remediation activities across the organization. What You Will Get to Do Support the maintenance and continual improvement of CloudHQ’s Information Security Management System (ISMS), Environmental Management System (ISO 14001), and Energy Management System (ISO 50001), along with compliance to ISO 27001:2022, SOC 1, and SOC 2 Partner with the Director of Audit & Compliance to coordinate and manage audit and compliance activities across all site locations Assist in developing, delivering, and maintaining security, environmental, and energy awareness and training programs for personnel Participate in obtaining, maintaining, and documenting all required certifications, attestations, and audit evidence Act as a point of contact for internal and external audits and regularly report compliance status to the ISO Steering Committee Contribute to the creation, review, and upkeep of policies, standards, and procedures across security, environmental, and energy programs Support the evaluation, selection, and implementation of new security, environmental, and energy management technologies Conduct internal gap assessments and support remediation efforts with process owners Assist resource owners in understanding and addressing audit findings, non-conformities, and identified deficiencies Manage documentation, evidence collection, and compliance activities to meet ISO, SOC, environmental, and energy standards Work with process owners to review processes, gather documentation, and discuss potential issues, risks, or findings Requirements What You Will Bring to The Role Minimum of three years of experience in Cybersecurity, Audit & Compliance, Risk Management, or related fields Familiarity with ISO 27001, SOC 1, SOC 2, ISO 14001, and ISO 50001 standards (hands-on experience a plus, but willingness to learn is acceptable) Basic understanding of Business Process Improvement or Continuous Improvement concepts Awareness of relevant legal and regulatory requirements, including GDPR and data protection principles Strong organizational and time management skills with attention to detail Ability to work independently while collaborating effectively with team members Clear written and verbal communication skills Responsible, professional attitude and willingness to take initiative Comfortable working in a fast-paced, changing environment Proficiency with Microsoft Office Suite (Excel, Word, Outlook) Our Ideal Candidate Will Also Possess Bachelor’s degree in a related field, preferred Certifications in ISO 27001, 14001, 50001 Auditor, Certified Information Systems Auditor (CISA), SOC2 Certification, Security+, or other similar information security credential related to audit and/or information systems security (or willingness to achieve upon hire) What We Offer CloudHQ’s people and culture are the most enriching aspects that make us a great place to work. We are strengthened by industry experts who bring extensive knowledge, skill, and experience; leaders who bring vision, innovation and commitment to our people; and an expanding team of individuals who believe in that vision and bring their best to support their customers and team. Our U.S. employees enjoy competitive compensation and rewarding incentives, comprehensive benefits (medical, dental, vision, life insurance, disability), 401(k) with match, 12 paid holidays, generous PTO, development opportunities, and the ability to closely impact and contribute to the growth of an exceptional organization. Equal Employment Opportunity CloudHQ is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, age, national origin, disability, sexual orientation, gender identity or expression, marital status, genetic information, protected veteran status, or other legally protected status.

Responsibilities

The Information Security & Compliance Analyst supports CloudHQ’s security, audit, and compliance programs, ensuring the confidentiality, integrity, and availability of information assets. This role involves maintaining compliance with various standards and driving remediation activities across the organization.