[Remote] Public Sector Compliance Analyst

Note: The job is a remote job and is open to candidates in USA. Autodesk is a leading company in software innovation, and they are seeking a skilled Public Sector Compliance Analyst to ensure compliance with industry standards and regulatory requirements. The role involves assessing security controls, collaborating with various stakeholders, and implementing automated processes for compliance efforts.

Responsibilities

• Assess security controls to ensure alignment with regulatory requirements and industry best practices
• Collaborate with control and service owners to explain compliance requirements and provide guidance on how to meet these requirements effectively
• Implement and maintain automated processes for evidence collection and testing to streamline compliance efforts
• Support monthly continuous monitoring activities and maintain close partnership with vulnerability management teams
• Prepare and present detailed reports on compliance status, audit findings, and remediation plans to senior management, internal stakeholders, and external stakeholders
• Tracking, monitoring, and clear communication of open findings/POA&Ms
• Stay current with emerging security threats, vulnerabilities, and regulatory changes (e.g FedRAMP20x, CMMC), and recommend proactive measures to mitigate risks
• Support response to emergency directives and data calls from government agencies (e.g. CISA)

Skills

• U.S. citizenship or U.S. lawful permanent residency
• Bachelor's degree in Computer Science, Information Security, or a related field; relevant certifications (e.g., CISSP, CISM, CISA) preferred
• Minimum of 2 years of experience in security compliance, information security, or a related field, with a strong technical background
• Knowledge of security compliance frameworks, standards, and regulations (e.g., FedRAMP, ISO 27001, NIST, GDPR, CCPA, HIPAA)
• Experience with FedRAMP, CMMC, IL4+, and ITAR security assessments is highly desirable
• Experience with cloud security and compliance (e.g., AWS, Azure, Google Cloud) is highly desirable, especially in a GovCloud/GCCH environment
• Experience in assessing security controls and explaining compliance requirements to technically minded control and service owners
• Strong analytical and problem-solving skills, with the ability to assess complex security issues and develop effective solutions
• Excellent communication and interpersonal skills, with the ability to clearly articulate technical concepts to both technical and non-technical stakeholders
• Strong project management skills, with the ability to manage multiple projects and priorities simultaneously
• Experience building or leverage AI to support Compliance programs

Benefits

• Annual cash bonuses
• Commissions for sales roles
• Stock grants
• A comprehensive benefits package

Company Overview