Cybersecurity Compliance Analyst

A Fortune Top 50 financial services company is seeking a highly motivated Cybersecurity Compliance Analyst to join their growing team.

***This is a Hybrid opportunity requiring the qualified professional to work onsite in Pensacola, FL or Vienna, VA at least 4 days a week.***

Responsibilities:

• Support the deployment, documentation, and operationalization of a cryptographic key inventory management solution


• Assist in requirements validation, ServiceNow configuration, inventory mapping, audit readiness, and knowledge transfer to operational support teams


• Document current manual tracking processes for cryptographic keys and related PCI artifacts


• Define and implement workflows to log and track key access, updates, and status changes


• Support the configuration of ServiceNow inventory management and mobile barcode scanning workflows


• Create a PCI-centric audit log and support automated alerting for lifecycle events (e.g., certificate/key expiration)


• Map key ownership and custodianship structures


• Support categorization of keys by risk/sensitivity


• Contribute to the creation of a key lifecycle management plan


• Collaborate with cybersecurity, PKI, and infrastructure stakeholders


• Develop documentation, SOPs, and training materials to support transition to operational support

Qualifications:

• Hands-on experience with ServiceNow asset/inventory management modules


• Familiarity with cryptographic key lifecycle management (generation, assignment, expiration, and tracking)


• Strong understanding of compliance frameworks (PCI DSS, NCUA, NIST, internal standards)


• Experience working in secure environments enforcing role-based access, separation of duties, and auditability


• Ability to build process maps, documentation, and training materials


• Comfortable gathering requirements from cross-functional teams and translating them into technical workflows

Desired Skills:

• Familiarity with Hardware Security Modules (HSMs) and cryptographic custody environments


• Experience with PKI key tracking and coordination with PKI lifecycle owners (e.g., Venafi)


• Knowledge of certificate renewal workflows and alerting mechanisms


• Exposure to key ownership and M-of-N access models


• Strong collaboration experience with audit and compliance teams