Overview
The Senior Cybersecurity Audit Analyst is responsible for coordinating and supporting external cybersecurity audits and continuous compliance assessment programs across hybrid enterprise on-premises and cloud environments. This role includes providing assurance with SOC 2, ISO/IEC 27001, FedRAMP, and CMMC compliance, combining traditional audit coordination with ongoing control monitoring and compliance program execution. The role requires strong program management and organizational skills to manage multiple concurrent audits, remediation tracking, continuous monitoring and improvement activities, and internal and external stakeholder communications
Responsibilities
External Audit Coordination
- Coordinate end-to-end external third-party cybersecurity audits, including scoping, readiness planning, timelines, and evidence coordination
- Serve as the primary point of contact between external auditors, assessors, and internal stakeholders
- Manage evidence requests, walkthroughs, interviews, and follow-up inquiries
- Ensure audit evidence is complete, accurate, well-organized, and delivered on schedule
- Coordinate audit close-out activities and remediation planning
- Improve and consolidate audit activities to reduce duplication and improve efficiencies
- Educate and communicate the importance of external third-party audits to key internal and external stakeholders, including executive management
Continuous Assessment & Ongoing Compliance
- Establish and maintain continuous compliance and recurring assessment programs between formal audits
- Track control effectiveness, evidence currency, and remediation activities
- Support continuous monitoring and evidence automation initiatives
Program Management & Organizational Leadership
- Manage multiple concurrent compliance initiatives with competing deadlines
- Ensure documentation and evidence repositories are inspection-ready at all times
- Work with internal key stakeholders to ensure they are meeting their compliance and continuous monitoring objectives
- Work with business and technical stakeholders to assess the scope of compliance frameworks associated with systems in scope and adapt to changing cybersecurity framework baselines
Requirements
- 5+ years of experience, or an equivalent combination of education and work experience, in business, program management, cybersecurity, regulatory compliance or related field
- A keen interest in learning and developing skills and understanding in IT, cybersecurity and compliance is necessary to foster the communications and relationships central to this role
- Strong interpersonal and communication skills to work effectively with IT and business units, including senior leadership; ability to bridge communications between technical IT team members, external stakeholders and compliance team members
- Strong attention to detail, organization and structure, communication, and presentation skills including the ability to list and quickly translate business needs into solutions and build effective working relationships
- Strong, self-motivated, and productive team player with ability to thrive in a dynamic, fast-paced environment
- U.S. citizenship with ability and willingness to obtain a security clearance
- Bachelor's degree in Cybersecurity, business administration, project management
Recommended Qualifications
- Cybersecurity certifications such as Security+, CISSP, CRISC, and CISA
- ISO Lead Auditor, Lead Implementor, Cybersecurity Maturity Model Certification (CMMC) Certified Professional or (Lead) Assessor
- PMP certification
- Master’s degree in Cybersecurity, business administration, project management
#LI-TM1
#LI-onsite
Total Rewards
Esri’s competitive total rewards strategy includes industry-leading health and welfare benefits: medical, dental, vision, basic and supplemental life insurance for employees (and their families), 401(k) and profit-sharing programs, minimum accrual of 80 hours of vacation leave, twelve paid holidays throughout the calendar year, and opportunities for personal and professional growth. Base salary is one component of our total rewards strategy. Compensation decisions and the base range for this role take into account many factors including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs.
The Company
At Esri, diversity is more than just a word on a map. When employees of different experiences, perspectives, backgrounds, and cultures come together, we are more innovative and ultimately a better place to work. We believe in having a diverse workforce that is unified under our mission of creating positive global change. We understand that diversity, equity, and inclusion is not a destination but an ongoing process. We are committed to the continuation of learning, growing, and changing our workplace so every employee can contribute to their life’s best work. Our commitment to these principles extends to the global communities we serve by creating positive change with GIS technology. For more information on Esri’s Racial Equity and Social Justice initiatives, please visit our website here.
If you don’t meet all of the preferred qualifications for this position, we encourage you to still apply!
Esri is an equal opportunity employer (EOE) and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability status, protected veteran status, or any other characteristic protected by law. If you need reasonable accommodation for any part of the employment process, please email [email protected] and let us know the nature of your request and your contact information. Please note that only those inquiries concerning a request for reasonable accommodation will be responded to from this e-mail address.
Esri Privacy Esri takes our responsibility to protect your privacy seriously. We are committed to respecting your privacy by providing transparency in how we acquire and use your information, giving you control of your information and preferences, and holding ourselves to the highest national and international standards, including CCPA and GDPR compliance.
Skills Required
- 5+ years of experience in cybersecurity, regulatory compliance or related field
- Bachelor's degree in Cybersecurity, business administration, project management
- U.S. citizenship with ability to obtain a security clearance
Esri Compensation & Benefits Highlights
The following summarizes recurring compensation and benefits themes identified from responses generated by popular LLMs to common candidate questions about Esri and has not been reviewed or approved by Esri.
-
Healthcare Strength — Feedback suggests health coverage is a standout, with full company-paid medical, dental, and vision premiums frequently cited as uncommon and valuable. Comprehensive options, including mental health support and FSAs, reinforce confidence in core healthcare benefits.
-
Affordable Benefits — Feedback suggests employer-paid premiums lower out-of-pocket costs, which many view as a meaningful offset to lower cash pay in some roles. This affordability underpins satisfaction with total compensation even when salaries are seen as moderate relative to tech hubs.
-
Retirement Support — Feedback suggests 401(k) matching and profit sharing are valued components that strengthen long-term financial security. These programs contribute to a perception of stability and a well-rounded total rewards package.
Esri Insights
What We Do
As a leading location intelligence platform provider (Forrester Wave 2020), Esri empowers leaders with innovative tools to help create sustainable prosperity. Esri's customers drive digital transformation by embracing the power of location. We pioneer problem solving with GIS to help you see what others can’t. We build ArcGIS, the world’s most powerful mapping & spatial analytics software. ArcGIS software and apps combine mapping and data analytics to deliver location intelligence and meet digital transformation needs for organizations of all sizes.
