Compliance Analyst

Benefits

Additional Information

JOB LOCATION 100 Percent Remote Aurora, Colorado 80012-5591 Cit y of Aurora , Colorado It is an exciting time to work for the City of Aurora, we're growing and looking for dedicated and collaborative individuals to join our team of talented and valued employees. Excellent organizations have a set of principles, or core values, that are used to implement their mission and vision. Those values represent the touchstone for the organization, guiding the decisions of the individuals and the organization. At the City of Aurora, we demonstrate our excellence by modeling the CORE 4 Values of: Integrity , Respect, Professionalism , and Customer Service , and we welcome all who share these values to apply. Why Work for Aurora? Make a difference in the lives of real people every day Diverse community Competitive total compensation package Well-Funded General Employees Retirement Plan Light rail station minutes away On-site fitness center and overall employee well-being programs Internal educational programs to assist with career advancement Access to innovation workspaces PRIMARY DUTIES & RESPONSIBILITIES Salary to be commensurate with experience The hiring range for this position is $37.34 - $46.67 per hour. This is classified as VHBE (Variable Hour Benefit Eligible), where the selected candidate can work up to 40 hours per week. The selected candidate will be eligible to elect Medical, Dental, and Vision benefits, accrue paid time off, and receive 11 paid holidays. The deadline to submit applications is June 22nd, 2026. Please note, The City of Aurora will conduct ongoing screenings of applications on a first come, first-serve basis; as soon as we determine to have a qualified pool of applicants, this position may close quickly and without notice. OVERVIEW OF POSITION / DEPARTMENT This role will be the Change Advisory Board lead and have agency over the IT change and configuration management program, ensuring standards of practice are met and that the changes are successful. The ISO is a center of excellence and is involved in numerous city initiatives; the successful candidate will act as the special projects lead by overseeing the success of various technology and information-based security and privacy initiatives at the direction of the CISO and CIO. PRIMARY DUTIES & RESPONSIBILITIES Risk & Compliance - You will share the lead position in the management and development of the enterprise information and technology compliance program, including managing the associated control catalog for your area of focus, control mapping, and research. Develops position papers for the CISO on new and existing compliance requirements, performs business compliance analysis, documents noncompliance and associated treatment plans, and provides reporting/metrics as requested by the CISO. You will be the lead for the end-to-end health and maturity of the CJIS compliance program across the city's 11 agencies. Audit Management - As the lead for the CJIS compliance program, you will be responsible for the performance of the biennial CBI certification audit response. This includes reviewing and documenting CJIS-governed technologies and business processes for compliance, and creation of gap and treatment reports in collaboration with the impacted business line to meet CJIS requirements. You will maintain the CBI training certificates for IT and work with the ISO Engagement team to develop training as needed. Collaboration - Provides expertise and consultation to the Security Operations team and the IT Department during the evaluation and configuration of security controls, processes, and products to ensure they meet or exceed compliance requirements. You will represent the ISO at various industry-related task forces and governing body meetings. Security Incident Response - Supports the Security Operations, IT, and business process owners during response to ensure noncompliance is identified and a treatment plan is developed. Will advise the CISO on possible compliance violations and reporting requirements. Documents treatment plans and supports the CISO in the reporting and notification. Risk Assessments - Works with Security Operations and Business Engagement to identify risk to technology and data, perform assessments, document risk within the ISO risk portfolio, and develop treatment plan recommendations for the CISO. Manages the maintenance of CJIS artifacts throughout the year, engaging IT and business staff to ensure responsive evidence is current and readily available for audit. Supports the CISO in the development of the annual audit and assessment plan. Tracks the resolution of findings through closure. Change Management - You will have the opportunity to reshape the change and configuration management program for the city's technical infrastructure. This role will develop and enforce compliance with change management standards of practice and configuration baseline development and deviation. You will run the Change Advis