Haystack
← Back to Jobs
Administrative

Security & Compliance Analyst

Zion Cloud SolutionsChicago, IL🇺🇸United StatesPosted 8 Jul 2026

Quick Overview

Work Type
Hybrid
Level
Mid Senior

Job Description

Position: Security & Compliance Analyst

Location: Chicago, IL

Duration: Full-Time / Long Term Contract With potential extension.

About the role

We're looking for an experienced Security & Compliance Analyst to help keep a large, regulated technology environment secure, compliant, and audit-ready. You'll monitor and assess security controls, maintain compliance documentation, and work across security, IT, and delivery teams to make sure standards are not just written down but actually met. This is a hands-on role for someone who thinks in terms of controls, evidence, and continuous improvement.

What you'll do

  • Conduct periodic security control assessments aligned to NIST 800-53.
  • Review, maintain, and update system security plans and compliance documentation.
  • Monitor access logs and coordinate vulnerability scans across systems and applications.
  • Support audit readiness and reporting activities, including FedRAMP.
  • Track and support remediation of Plan of Action and Milestones (POA&M) findings.
  • Validate identity and access governance controls and support access management reviews.
  • Communicate risks, gaps, and remediation status clearly to both technical teams and leadership.

The ideal Security & Compliance Analyst

The qualities that matter most for this role:

  • Detail-oriented and thorough: You're meticulous with controls, evidence, and documentation, and you make sure nothing slips through the cracks.
  • A clear communicator: You translate technical risk and compliance findings into plain language that both engineers and leadership can act on.
  • Audit and evidence minded: You think in terms of controls, proof, and traceability, and you keep the environment audit-ready at all times.
  • Proactive and risk-aware: You anticipate gaps and raise issues early, rather than reacting after something goes wrong.
  • Collaborative: You work across security, IT, and delivery teams to get controls implemented, not just recommended.
  • High integrity: You're trusted with sensitive data and you hold the line on standards, even under pressure.

What you bring

  • Bachelor's degree in Cybersecurity, IT, or a related field.
  • 5+ years in security compliance and risk management (senior-level).
  • Working knowledge of NIST 800-53, HIPAA, FedRAMP, and FERPA standards.
  • Experience with security control assessments, system security plans, and POA&M remediation.
  • Strong written and verbal communication skills.

Nice to have

  • FedRAMP audit-readiness and reporting experience.
  • Familiarity with identity and access management (IAM) and identity governance (IGA) platforms (e.g., Okta, SailPoint).
  • Healthcare, Medicaid, or public-sector compliance experience.
  • Relevant certifications (e.g., CISA, CISSP, Security+).

Similar jobs