Information Security & Compliance Analyst in Ashburn, Virginia at CloudHQ LLC

Who We Are

Our purpose at CloudHQ is to provide flexible, efficient and resilient data center solutions to businesses of all sizes. Our growing organization was founded by the pioneer of data center REITs. CloudHQ has state-of-the-art data center sites located in two Northern Virginia locations, as well as London, Frankfurt, Paris, Milan, and Sao Paulo, and we anticipate exponential growth over the next several years both in the US and abroad.

What The Role Entails

The Information Security & Compliance Analyst supports CloudHQ’s cybersecurity governance, risk, audit, and compliance programs by helping ensure the confidentiality, integrity, and availability of information assets, while maintaining compliance with operational, environmental, and energy management standards.

This role is responsible for supporting and continually improving CloudHQ’s Information Security Management System (ISMS), Environmental Management System (EMS), and Energy Management System (EnMS), while assisting with compliance initiatives related to ISO 27001:2022, ISO 14001, ISO 50001, SOC 1, SOC 2, and other applicable frameworks and regulatory requirements.

The ideal candidate will have experience in Governance, Risk, and Compliance (GRC), internal/external audit coordination, risk assessments, policy management, and cross-functional compliance activities within a fast-paced operational environment.

What You Will Get To Do

• Support the maintenance, operation, and continual improvement of CloudHQ’s Information Security Management System (ISMS), Environmental Management System (EMS), and Energy Management System (EnMS).
• Assist with compliance activities related to ISO 27001:2022, ISO 14001, ISO 50001, SOC 1, SOC 2, and other applicable standards or customer requirements.
• Partner with the Director of Audit & Compliance to coordinate internal audits, external audits, certification activities, risk assessments, and compliance initiatives across multiple site locations.
• Support governance, risk, and compliance (GRC) activities, including risk tracking, corrective action management, policy lifecycle management, and audit remediation efforts.
• Participate in identifying operational, technical, compliance, and security risks, and assist process owners with remediation planning and corrective actions.
• Coordinate audit evidence collection, documentation reviews, and compliance tracking activities to support certification and attestation efforts.
• Act as a liaison between technical teams, operational teams, and auditors during audit and assessment activities.
• Assist with the development, review, implementation, and maintenance of policies, standards, procedures, and governance documentation.
• Support vendor, customer, and third-party security/compliance requests and assessments, as applicable.
• Participate in awareness and training initiatives related to information security, compliance, environmental, and energy management programs.
• Support continuous improvement initiatives across security, audit, operational, environmental, and energy management processes.
• Assist in tracking compliance metrics, audit findings, non-conformities, corrective actions, and management reporting activities.
• Work collaboratively with Operations, IT, Engineering, Physical Security, Environmental Health & Safety (EHS), and other business stakeholders to support enterprise compliance objectives.
• Ability to travel up to 15% as needed to support audits, compliance activities, and operational initiatives across CloudHQ locations.

What You Bring to The Role

• Minimum of 3–5 years of experience in Information Security, Governance Risk & Compliance (GRC), Audit & Compliance, Risk Management, or related fields.
• Experience supporting regulated environments, ISO certification programs, SOC audits, or enterprise compliance initiatives strongly preferred.
• Working knowledge of ISO 27001:2022, SOC 1, SOC 2, ISO 14001, and ISO 50001 frameworks and controls.
• Familiarity with Governance, Risk, and Compliance (GRC) principles and compliance management processes.
• Understanding of audit methodologies, risk assessments, corrective action management, and continual improvement concepts.
• Ability to manage and organize compliance documentation, audit evidence, and remediation tracking activities.
• Awareness of relevant legal, regulatory, and privacy requirements, including GDPR and data protection principles.
• Strong analytical, organizational, and problem-solving skills with attention to detail.
• Ability to communicate effectively with technical teams, operational personnel, auditors, and leadership.
• Ability to work independently while managing multiple priorities in a fast-paced environment.
• Professional demeanor, accountability, and willingness to take initiative.

Our Ideal Candidate Will Also Possess

• Bachelor’s degree in Information Security, Cybersecurity, Information Systems, Business Administration, or related field.
• Experience with Microsoft Office Suite (Excel, Word, Outlook, PowerPoint) and compliance/document management platforms.
• One or more of the following certifications (or willingness to obtain upon hire):

ISO 27001 Lead Auditor or Internal Auditor

ISO 14001 and/or ISO 50001 Auditor

Certified Information Systems Auditor (CISA)

Certified Information Security Manager (CISM)

Security+

CRISC, CGRC, or similar governance/risk certifications

SOC audit or compliance-related certifications/experience

What We Offer

CloudHQ’s people and culture are the most enriching aspects that make us a great place to work. We are strengthened by industry experts who bring extensive knowledge, skill, and experience; leaders who bring vision, innovation and commitment to our people; and an expanding team of individuals who believe in that vision, and bring their best to support their customers and team. Our employees enjoy competitive compensation and rewarding incentives, comprehensive benefits (medical, dental, vision, life insurance, disability), 401(k) with match, 12 paid holidays, generous PTO, development opportunities, and the ability to closely impact and contribute to the growth of an exceptional organization.

Equal Employment Opportunity

CloudHQ is an equal-employee-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, age, national origin, disability, sexual orientation, gender identity or expression, marital status, genetic information, protected veteran status, or other legally protected status.