Cloud Compliance Analyst/Specialist - 100% REMOTE

Location: 100% REMOTE

Duration: 12 Months

Responsibilities:

The Senior Compliance Specialist will be part of the Global Streaming Technology Analytics and Assurance team, supporting the management of compliance requirements and evaluating how new technology transformations impact our compliance posture.

Key responsibilities include:

• Compliance & Security Oversight:
  • Ensure adherence to PCI, SOX, and SOC 2 Type II control frameworks.
  • Work with stakeholders across the business to collect evidence and validate that all control requirements are met.
  • Familiarity with major areas of technical compliance, including access management (including UARs), asset management,secure development lifecycle, encryption, segregation of duties, secure configuration management, vulnerability management, secrets rotation, etc.
  • Research and recommend security best practices for cloud-based services and infrastructure.
• Cloud & Infrastructure Compliance:
  • Assess compliance across AWS, Google Cloud Platform, and Azure environments, including EC2 instances, databases, and storage.
  • Evaluate security and compliance for containerized environments (Kubernetes, Docker, etc.).
  • Collaborate on strategies to automate compliance monitoring for cloud environments.
• CI/CD & DevSecOps Integration:
  • Partner with DevOps and security teams to ensure compliance is integrated into CI/CD pipelines (GitHub, Jenkins, Terraform, Atlantis).
  • Help build Compliance as Code and Policy as Code capabilities.
  • Identify solutions to automate compliance evidence collection for tools and pipelines.
• Audit & Process Optimization:
  • Support internal and external audits, ensuring controls are properly implemented and evidenced.
  • Develop technical documentation to align with compliance requirements.
  • Track compliance requests, deliverables, and key project milestones.

Qualifications/Requirements:

• 5+ years of direct experience (i.e. not just project management) in technical compliance, cyber security, or cloud governance.
• Must have experience collecting and analyzing evidence for controls.
• Hands-on experience with PCI DSS, SOX, and/or SOC 2 Type II compliance frameworks.
• Strong understanding of cloud platforms (AWS, Google Cloud Platform, Azure) and security best practices.
• Experience with Kubernetes, Docker, and container security.
• Familiarity with CI/CD tools (GitHub, Jenkins, Terraform, Atlantis).
• Experience with API development and scripting for compliance automation a plus.
• Knowledge of ServiceNow, CMDBs, and risk management platforms (e.g., LogicGate Risk Cloud) is a plus.
• Prior experience at a Big 4 consulting firm (Deloitte, PwC, EY, KPMG) is a huge plus.

Desired Characteristics:

• Strong problem-solving and analytical skills
• Attention to detail and ability to effectively communicate status and roadblocks for compliance areas.
• A passion for technology, security, and compliance in a fast-paced environment.
• Effective research, documentation, and organizational skills.
• Excellent communication skills and ability to present to leadership.
• Deadline focused and willing to escalate to leadership if encountering blockers.
• Collaborative mindset with a willingness to explore new solutions.

Best Regards,

Chetna

-D

-Fax

Truth Lies in Heart