Job Description:
• Support ISO, SOC 2, and CMMC compliance activities under the direction of the Director of Compliance
• Assist with internal and external audit preparation, including:
• Collecting requested evidence
• Tracking auditor requests
• Organizing documentation for review
• Maintain compliance artifacts such as control matrices, evidence folders, spreadsheets, and trackers
• Track remediation items and follow up with control owners as directed
• Update and maintain compliance documentation, policies, procedures, and logs as instructed
• Manage version control and ensure documentation is current and properly stored
• Prepare draft reports, summaries, and status updates for compliance leadership
• Maintain audit calendars, timelines, and task lists
• Coordinate meetings related to compliance and audits, including scheduling, agendas, notes, and action-item tracking
• Serve as a point of contact for routine compliance-related requests and information gathering
• Communicate clearly with internal teams to obtain documentation and updates, escalating issues when needed
• Assist with maintaining awareness of compliance requirements across applicable frameworks (ISO 27001, SOC 2, CMMC)
• Support compliance training and awareness activities as directed
• Perform other compliance-related administrative or support tasks as assigned
Requirements:
• 1 – 3 years of experience in a compliance support, audit support, risk, security, IT administration, or similar operational role
• Experience supporting audits, compliance programs, or regulated environments is preferred
• Ability to follow established processes and execute tasks accurately and on time
• Strong organizational and time-management skills
• High attention to detail, especially when handling documentation and evidence
• Ability to manage multiple tasks and deadlines simultaneously
• Strong, clear written and verbal communication skills
• Familiarity with information security or compliance concepts
• Exposure to one or more frameworks such as ISO 27001, SOC 2, NIST, or CMMC is a plus
• Basic understanding of data protection and secure handling of information
• Ability to take direction and execute tasks independently once assigned
• Comfortable working with sensitive and confidential information
• Reliable, methodical, and process-oriented
• Willingness to learn and grow within a compliance functionTHE FOLLOWING SKILLS ARE PREFERRED BUT NOT REQUIRED:
• Associate’s or Bachelor’s degree in Information Technology, Information Systems, Cybersecurity, Business, or a related field
• Equivalent combination of education and relevant experience will be considered
Benefits: