Skills

Communication Risk Management Change Management Technical Writing power bi Azure AWS

Job Specifications

Title: GovCloud Compliance Analyst (Cloud Controls & Audit)

Location: Chicago, IL, 60691 Hybrid / Remote eligible (onsite visits expected periodically for audits and triage).

Overview

The GovCloud Compliance Analyst supports regulatory compliance and audit readiness for our GovCloud environments. This role implements and validates controls, manages evidence in Audit Board (system of record), and coordinates ATO/SA&A activities mapped to federal and state frameworks (NIST SP 800-53 Rev 5 — Moderate, FedRAMP, StateRAMP, MARS-E where applicable) and internal Canon Protocol mapping (ARC-AMPE).

Key responsibilities (measurable)

- Own assigned control families and maintain control evidence in Audit Board; achieve and sustain 65% evidence attachment completeness for assigned controls.
- Execute control assessment activities and perform internal validations at defined cadence (quarterly or as required by framework).
- Map inherited and system-specific controls to canonical mappings and update control mapping artifacts within Audit Board.
- Partner with engineering, platform, and risk teams to track ATO/SA&A milestones (maintain ATO readiness dashboard; escalate blockers within 48 hours).
- Prepare documentation packets and evidence bundles for external audits and customer assessments; support 100% on-time audit deliverables.
- Identify compliance gaps, propose prioritized remediation plans, and track remediation closure (target: close high/critical findings within 30 days or per SLA).
- Contribute to Power BI dashboards that visualize control health, evidence SLAs, and audit cycles; support monthly compliance reporting.
- Maintain procedures and update policies tied to assigned controls; document changes in the governance repository.

Required qualifications

- Minimum 3 years of compliance, IT risk, or audit experience in regulated cloud environments (AWS GovCloud, Azure Government, or equivalent).
- Working knowledge of NIST SP 800-53 Rev 5, FedRAMP, StateRAMP; experience mapping to MARS-E/ ARC-AMPE is a plus.
- Practical experience with GRC platforms (Audit Board preferred) and evidence management processes.
- Strong technical writing and stakeholder communication skills; able to explain control status to technical and non-technical audiences.
- Bachelor’s degree in Information Security, Computer Science, Risk Management, or equivalent experience.

Preferred qualifications

- Experience supporting ATO or SA&A efforts and coordinating external assessors.
- Certifications: CISA, CISSP, CRISC, or Security+.
- Experience with Power BI or advanced Excel for KPI tracking and reporting.
- Familiarity with ADO/IT ticketing or change management process

About the Company

Leveraging the expertise of over 350 certified and skilled engineers, CCS Global Tech leads the industry since 1997 in identifying the right business intelligence strategy to take your business to the next level. We have diverse in-depth expertise in multiple industries such as mortgage, healthcare, wireless, banking, technology, insurance, transportation, education and finance. Our knowledge and global capabilities, enable us to leverage best practices from other industries and pass the technical benefits on to our customer... Know more