LHH is working with a client based on the East Coast that is looking to hire a Gov Cloud Compliance Analyst to join our team for a 1 year+ project. The role will be 100% remote and the client would prefer to have this person working out of EST or CST time. The ideal candidate will have at least 3 years of GovCloud Compliance experience. A college degree isn’t necessary as the hiring manager prefers someone with real-world GovCloud Compliance experience.

GovCloud Compliance Analyst (Cloud Controls & Audit) - E-level

The GovCloud Compliance Analyst supports regulatory compliance and audit readiness for our GovCloud environments. This role implements and validates controls, manages evidence in AuditBoard (system of record), and coordinates ATO/SA&A activities mapped to federal and state frameworks (NIST SP 800-53 Rev 5 - Moderate, FedRAMP, StateRAMP, MARS-E where applicable) and internal Canon Protocol mapping (ARC-AMPE).

Key responsibilities (measurable)
- Own assigned control families and maintain control evidence in AuditBoard; achieve and sustain 65% evidence attachment completeness for assigned controls.
- Execute control assessment activities and perform internal validations at defined cadence (quarterly or as required by framework).
- Map inherited and system-specific controls to canonical mappings and update control mapping artifacts within AuditBoard.
- Partner with engineering, platform, and risk teams to track ATO/SA&A milestones (maintain ATO readiness dashboard; escalate blockers within 48 hours).
- Prepare documentation packets and evidence bundles for external audits and customer assessments; support 100% on-time audit deliverables.
- Identify compliance gaps, propose prioritized remediation plans, and track remediation closure (target: close high/critical findings within 30 days or per SLA).
- Contribute to Power BI dashboards that visualize control health, evidence SLAs, and audit cycles; support monthly compliance reporting.
- Maintain procedures and update policies tied to assigned controls; document changes in the governance repository.

Required qualifications
- Minimum 3 years of compliance, IT risk, or audit experience in regulated cloud environments (AWS GovCloud, Azure Government, or equivalent).
- Working knowledge of NIST SP 800-53 Rev 5, FedRAMP, StateRAMP; experience mapping to MARS-E/ ARC-AMPE is a plus.
- Practical experience with GRC platforms (AuditBoard preferred) and evidence management processes.
- Strong technical writing and stakeholder communication skills; able to explain control status to technical and non-technical audiences.
- Bachelors degree in Information Security, Computer Science, Risk Management, or equivalent experience.

Preferred qualifications
- Experience supporting ATO or SA&A efforts and coordinating external assessors.
- Certifications: CISA, CISSP, CRISC, or Security+.
- Experience with Power BI or advanced Excel for KPI tracking and reporting.
- Familiarity with ADO/IT ticketing or change management processes.

Experience: 3 years' experience

Additional Details:
Control framework literacy
Read the controls statement
Evidence in audit proficiency
GRC platform experience

Soft Skill requirements (team fit/personality requirements)
Invest in role
Relate experience to the roles

Benefit offerings available for our associates include medical, dental, vision, life insurance, short-term disability, additional voluntary benefits, EAP program, commuter benefits and a 401K plan. Our benefit offerings provide employees the flexibility to choose the type of coverage that meets their individual needs. In addition, our associates may be eligible for paid leave including Paid Sick Leave or any other paid leave required by Federal, State, or local law, as well as Holiday pay where applicable.

Equal Opportunity Employer/Veterans/Disabled

Military connected talent encouraged to apply

To read our Candidate Privacy Information Statement, which explains how we will use your information, please navigate to https://www-uat.lhh.com/us/en/candidate-privacy

The Company will consider qualified applicants with arrest and conviction records in accordance with federal, state, and local laws and/or security clearance requirements, including, as applicable:

• The California Fair Chance Act
• Los Angeles City Fair Chance Ordinance
• Los Angeles County Fair Chance Ordinance for Employers
• San Francisco Fair Chance Ordinance

Massachusetts Candidates Only: It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.