
Cybersecurity Compliance Analyst

Romeo Computer Company, Romeo, MI, United States


This is an in-office position located in Macomb County, Michigan. Respectfully, do not apply if you are not local to Southeastern Michigan.

Position Overview

RCC Business IT is seeking a Cybersecurity Compliance Analyst to support our growing Compliance Services practice. This role assists organizations in regulated industries with achieving and maintaining cybersecurity compliance across frameworks such as ISO/IEC 27001, TISAX, and CMMC 2.0 aligned with NIST SP 800-171 Rev. 2.

The Cybersecurity Compliance Analyst is responsible for maintaining compliance documentation, managing evidence in our GRC platform, and ensuring control requirements are properly documented and tracked during client engagements.

This role works to help organizations move from gap assessment → remediation → audit readiness → certification. This is an excellent opportunity for someone interested in governance, risk, and compliance (GRC) within cybersecurity.

Responsibilities

Compliance Program Support

- Assist in performing compliance gap assessments across multiple security frameworks
- Document control implementation status and remediation plans
- Maintain control mappings and framework documentation

GRC Platform Administration

- Maintain client environments within the GRC platform
- Upload and organize evidence supporting security controls
- Track remediation activities and maintain POA&M records
- Update risk registers and control status

Policy & Documentation Development

- Draft and maintain security policies and procedures using approved templates
- Assist with documentation required for compliance frameworks
- Maintain structured evidence repositories

Audit Readiness Support

- Prepare evidence packages for internal and external audits
- Assist in conducting audit readiness checks
- Track completion of compliance milestones

Client Coordination

- Coordinate with internal engineers to collect evidence of implemented controls
- Track remediation timelines and follow up on outstanding items
- Participate in client compliance review meetings

Required Qualifications

- 2-5 years of experience in IT, cybersecurity, risk, or compliance
- Understanding of information security fundamentals
- Strong documentation and organizational skills
- Ability to interpret and document technical processes clearly
- Experience working with ticketing systems, documentation platforms, or compliance tools
- Strong attention to detail and process management

Preferred Experience

Familiarity with security frameworks such as:

- ISO 27001
- NIST 800-171
- CMMC
- TISAX

- Experience with GRC platforms
- Experience writing policies or compliance documentation
- Exposure to managed service environments (MSP / MSSP)

Preferred Certifications (not required)

- Security+
- ISO 27001 Foundation
- GRC or risk management training

Key Skills

- Ability to manage multiple client compliance engagements simultaneously
- Documentation discipline
- Process management
- Technical translation (turning engineering work into compliance evidence)
- Organization and evidence tracking
- Risk awareness

Success in This Role

Successful candidates will help ensure:

- Compliance documentation is accurate and audit-ready
- Evidence supporting security controls is properly organized
- Compliance projects stay on track toward certification
- Clients maintain ongoing compliance posture

Benefits:

- Competitive salary commensurate with experience.
- Health, dental, and vision insurance coverage.
- Retirement savings plan with company match.
- Paid time off and holidays.
- Opportunities for professional development and training.