Cybersecurity Compliance Analyst (Cypress, CA)

Method Technologies • Full-time • Cypress, California, United States • 1d ago

Ready to kick off 2026 with a new adventure? Method Technologies is on the hunt for our next amazing team member! This candidate loves compliance, cybersecurity frameworks, and the thrill of keeping clients safe… but who also enjoys snacks, sarcasm, and the occasional office shenanigan.

Now, I know what you are thinking - this is probably some boring desk job where all you do all day is shuffle papers around and file stuff, in between using one of those big multifunction copiers and taking breaks socializing at the water cooler. Well, I knew you would jump to that totally reasonable conclusion, so my response is this:

Who still uses paper? We’re an IT company, everyone. We’re all about that digital technology. I can’t give you a zero-paper promise since not everyone has moved into the 21st century, but we’re getting there.
It’s not just a water cooler, we have an entire kitchen. And our snack game is really on point.

Why we will want to hire you:

You live in the Southern California area. Our corporate office is in Cypress. We are currently only considering local candidates.
You have excellent communication skills. Yes, we know everyone says that, but we actually mean it. You’ll be writing reports, emailing clients, and explaining compliance standards without sounding like a robot.
You are vary detail oriented and so detail oriented that punctuation and grammar and spelling mistakes make you cringe and you canot stand it when sentences are butchered and continue to run on like they will never end. You’ll hopefully be so obsessed with the details that you caught all the mistakes in this bullet point as you read it.
You love learning. Compliance changes constantly, cybersecurity frameworks evolve, and clients sometimes ask wild questions. You’re not afraid to speak up, ask questions, or dive into the unknown.
You are ready to take the leap with a Managed Service Provider. You will be busy, IT can be stressful, but what job isn't?
You don’t need to know every compliance framework (HIPAA, GLBA, NIST 800‑171, CMMC, CIS Controls), just one will do. If you know more than one, great. If you know all of them….,are you okay?
Certifications aren’t required, but if you have any of these, we might high‑five you during the interview.
- Security+ (CompTIA)
- CCP (CMMC Certified Professional)
- CISA (Certified Information Systems Auditor)
- CC (ISC2 Certified in Cybersecurity)
- ISC2 CGRC (Certified in Governance, Risk & Compliance)
- ISO 27001 Lead Implementer or Auditor

What you will be doing:

You will work closely with our clients and internal teams to help everyone stay compliant, secure, and ready for audits.

- Client Compliance (AKA helping clients get their security act together)
  - Ensuring client systems, documentation, and processes align with Method standards and applicable regulations.
  - Leading conversations with clients to understand their compliance needs (HIPAA, GLBA, NIST 800‑171, CMMC, CIS Controls, oh my!).
  - Identifying compliance gaps and helping clients fix them (kindly, but firmly).
  - Assisting with vendor risk/security assessments & compliance questionnaires (because vendors can be chaotic).
  - Supporting client security awareness and compliance training.
- Internal Compliance (AKA keeping us buttoned up, too)
  - Maintaining our internal compliance framework, policies, and procedures.
  - Performing internal audits and ensuring reviews are completed on time (audit gremlins are real...you will defeat them).
  - Preparing compliance reports for leadership and regulatory needs.
  - Ensuring sensitive data handling and secure documentation practices across all departments.
- Reporting, Documentation, & Cyber Compliance Tasks
  - Monitoring compliance status in internal and external systems and keeping documentation thorough and accurate.
  - Drafting/updating internal and client‑facing policies (because someone has to write this stuff and write it well).
  - Evaluating technical controls, at a documentation/governance level, to ensure they match framework requirements.
  - Supporting vulnerability management by tracking issues, documenting gaps, and following remediation progress.
  - Using reporting tools & external audit platforms to keep metrics clean and discrepancies squashed.
  - Assisting with cyber insurance applications (yes, insurers have questions...lots of them).
- Other Fun Facts
  - This is not a hands‑on system administration or security engineering role. You won’t be configuring firewalls or deploying servers.
  - But you will be the go‑to for all things compliance, governance, and “why does this policy exist?”
  - You can expect to be in the office everyday working on client requests, learning, collaborating with other team members, and generally having a good time.
  - Driving is a requirement for this position as we often visit our clients in person at their location.
  - You’re the kind of person who writes documentation so clean that future-you actually thanks past-you. Yes, it’s a rare skill. Yes, we appreciate it.
  - Ability to follow verbal and written directions from clients, managers, and peers; ability to follow compliance guidelines for client specific security and operational standards.
  - IT can't always happen during business hours. After-hours work will happen and is expected from time to time.
  - You will be corresponding with clients via phone, email, and in person in a professional, yet friendly, manner. But don't be stuffy or act like a robot; you are a human being, act like one.

Why you'll want us to hire you:

The people here are amazing!
We do a bunch of fun stuff outside of work such as paintballing, camping, pinball tournaments, go-karts, seeing movies, online video game tournaments, having free lunches, and other company sponsored events.
We have been recognized as one of Southern California's Best Places to Work for many years.
Our offices are pretty cool.
You will learn a ton.
We offer competitive benefits; 401k, PTO, health insurance, and much more.
You won't be another cog in a corporate machine. Real People, Real I.T.

Requirements:

You must be able to work full-time, 40 hours a week minimum - this is not a part-time position.
You must live in the Southern California area as this position works in our corporate office in Cypress, CA. We are currently only considering local candidates.
This is not a remote position. You will be working from our Cypress office every day, or dispatched to one of our clients’ sites if needed.
3 years or more of consecutive IT, cybersecurity, compliance, or MSP environment experience is required. We are looking for consistency in your job history as well as qualified professional experience.
Preferred Certifications
- Security+ (CompTIA)
- CCP (CMMC Certified Professional)
- CISA (Certified Information Systems Auditor)
- CC (ISC2 Certified in Cybersecurity)
- ISC2 CGRC (Certified in Governance, Risk & Compliance)
- ISO 27001 Lead Implementer or Auditor

To Apply:

If you meet the requirements, please send us your resume and a well-written cover letter that includes an answer to the following question:

Who is your favorite superhero and why?

We really care about the answer because it shows you read the entire post and are paying attention. You MUST include this part to even be considered. If you think we are joking, then try submitting a cover letter without it and see what happens. Spoiler alert: nothing will happen.

If selected, the interview process will consist of a one-way video interview and an in-person interview at our office in Cypress. The entire process usually takes about 3-4 weeks depending on scheduling.

Compensation:

Starting salary ranges from $85,000 - $115,000 per year, paid hourly, depending on experience, certifications, demonstrated skill, and how awesome you are.

Benefits: