Must be open to hybrid (onsite 2-3 days) in Huntsville, AL Must be **eligible** to obtain security clearance (no visa sponsorship) Minimum completed Bachelors degree REQUIRED + 7 years professional experienceJob PurposeThe Senior Cybersecurity Compliance Analyst is responsible for assessing business policies, procedures, and operations to ensure the organization meets privacy requirements and government regulations for the protection of sensitive information. Privacy and Compliance Analysts manage the legal and operational risks related to sensitive and critical information assets, continuously assess business unit operations, and develop policies, procedures, and user training necessary to meet or exceed privacy requirements.Day-to-Day -Assists with difficult cybersecurity questions and requests from customers. -Direct sponsor engagement as required to review current and planned requirements for secure infrastructures that require compliance. -Guide requirements gathering and analysis. -Leads validation of security control configuration on systems, ensure all systems are configured to necessary controls, such as NIST, DFARS 252.204-7012, CMMC, and other similar requirements. -Articulates privacy requirements into product life-cycle including definition, requirements analysis, synthesis, cyber engineering analysis and implementation. -Conducts privacy impact analyses and identify areas needing improvement and recommend necessary enhancements to achieve privacy goals. -Reviews modifications to critical information systems and directs implementation of configuration changes. -Mentors lower-level cybersecurity and IT professionals across the enterprise. Must-haves -Bachelors degree and 9 years of exp OR Masters and 7 years of exp -Experience in cyber-Governance, Risk, and Compliance (GRC). -Experience in a cyber assessment or inspection related role, ideally with experience in cybersecurity incident response. -Solid technical understanding of cybersecurity concepts, standards, guidelines, and principles. -Experience with industry-recognized security compliance frameworks (NIST, PCI-DSS, HIPAA, etc.). -Experience with data aggregation/analytics and/or SIEM tool -Experience with Endpoint Detection and Response (EDR) solutions. -Experience with Vulnerability Management tools. -Ability to work at a technical level to assessments of IT environments, capable of identifying vectors of threats, vulnerabilities, and areas on non-compliance. -CompTIA Advanced Security Practitioner (CASP), Certification Authorization Professional (CAP), GIAC Security Leadership Certificate (GSLC), Health Care Information Security and Privacy Practitioner (HCISPP), or equivalent certification highly preferred *Preferred* Skills (not required): -Active Secret Clearance -Master's degree in cybersecurity, information technology, engineering, or a related field -Experience as an incident manager, commander, or leader. -10+ years of progressive work-related experience in information security, public accounting or internal audit, with a focus on IT controls audits and assessments and/or controls readiness assessments. -Experience with the following cybersecurity tools: Splunk, CrowdStrike, Tenable.io, Axonious -Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM) or equivalent certification