Cybersecurity Compliance Analyst

Requirement:

Cybersecurity Compliance Analyst

Remote

12+ Months

About the role

We''re looking for a skilled Cybersecurity Compliance Analyst who sits at the intersection of security policy, compliance, exception management, and IT operations. You''ll be a key contributor to our compliance evaluation process - from intake to closure - while partnering with business units and IT teams to mitigate risk and ensure internal applications are in compliance with company policy and secure. The Cybersecurity Compliance Analyst will apply a risk-based approach to security assessment, remediation, and compliance with an emphasis on securing applications. You enjoy work that involves teamwork, independent activities, and business engagement.

What you''ll do

· Support compliance evaluations. Contribute to the evidence-based, business user-driven Compliance Evaluation Process, with periodic sample reviews for compliance.

· Support Cybersecurity Compliance through team collaboration, innovation, and independent research.

· Identify opportunities to develop solutions that increase efficiencies.

· Be an Advocate. Promote the global security program and cooperation across HPE business units.

· Build and maintain dashboards and reporting for assessment inventory, aging, and closure rates for leadership and audit audiences.

· Collaborate with GRC, Cybersecurity SMEs, IT, App owners to ensure Compliance Evaluation requests are appropriately scoped, documented, and assessed within agreed timelines.

· Support internal and external audits by providing clear documentation of the compliance evaluation process and evidence of controls.

· Contribute to security policy updates that reflect emerging risk patterns or operational realities surfaced through the evaluation process.

Required Qualifications

· 3+ years in an IT security, GRC, compliance, or IT operations role

· Solid understanding of core security frameworks (NIST CSF, ISO/IEC 27001/2, CIS Controls, or similar) and security best practices

· Experience assessing compliance of internal applications with internal cybersecurity policy

· Experience with ITSM or GRC platforms (e.g. ServiceNow, Jira, Archer, OneTrust)

· Strong analytical and problem-solving skills.

· Strong teamwork and collaborative skills.

· Strong organization, prioritization, and rationalization skills.

· Effective verbal and written communication skills.

· Ability to build relationships, engage and influence others, and work with diverse teams and levels of an organization.

· Ability to manage a high volume of requests while keeping quality high

Preferred qualifications

· Familiarity with cloud security concepts (AWS, Azure, Google Cloud Platform) and modern DevOps environments

· Professional security certifications a plus

· Background in a regulated industry (financial services, healthcare, government)

· Experience building metrics dashboards in tools like Power BI, Tableau, or Splunk

Key skills

· Compliance assessment

· Risk assessment

· Business analysis

· Stakeholder engagement

· Process improvement

· GRC platforms

· Security policy

· Compensating controls