Cybersecurity Compliance Analyst (HIPAA / CIS etc)

About Ottimo Cyber Ottimo Cyber is a fast-growing Managed Security Services Provider (MSSP) helping healthcare and SMB clients strengthen their cybersecurity posture through penetration testing, remediation, and compliance alignment. We go beyond reports — our mission is to turn assessments into real-world security improvements that keep organizations compliant and resilient. We’re looking for a Cybersecurity Compliance Analyst to join us on a part-time basis (16 hours per week) to help review penetration tests, drive remediation efforts, and develop client security policies. This role offers the potential to grow into a full-time position as our client base expands. What You’ll Do Review and validate penetration testing and vulnerability assessment results. Work hands-on with client teams to remediate vulnerabilities (patching, hardening, access controls, etc.). Develop and maintain HIPAA and CIS Controls-aligned security policies, procedures, and documentation. Conduct compliance gap analyses and help clients build actionable remediation plans. Advise clients on best practices for risk management, compliance readiness, and ongoing security operations. Collaborate with Ottimo Cyber leadership to improve internal processes and reporting standards. What You Bring 3+ years of experience in cybersecurity, compliance, or IT security operations. Strong understanding of HIPAA Security Rule and CIS Controls. Familiarity with vulnerability management tools (Nessus, Burp Suite, Qualys, etc.). Ability to interpret technical findings and clearly communicate them to clients. Excellent documentation and organizational skills. A proactive, independent work style — comfortable managing deliverables in a small, dynamic team. Nice to Have Experience working in an MSSP or consulting environment. Hands-on remediation or configuration experience (Windows, Linux, or cloud). Certifications such as Security+, CEH, CISA, CISSP, or HCISPP. Familiarity with cloud security (AWS, Azure, or GCP). Why Ottimo Cyber Join a fast-moving cybersecurity startup making compliance practical for real-world organizations. Flexible remote work schedule — ideal for professionals looking to supplement existing work or transition to a growing security firm. Opportunity to scale into a full-time role as we continue to expand. Direct client impact — see the difference your work makes. Apply tot his job