Security Compliance Analyst III (MUST have NIST)

Our client based in Seattle, WA is looking to hire a Security and Compliance Analyst who has a STRONG background with NIST to join our team for a 1 year+ project. The role will be 100% remote. The ideal candidate will have at least 5 years of Data Center Operations, IT Asset disposition, Data Security, or Hardware Lifecycle Management in order to be considered and have proven experience with NIST. Candidates MUST reside in the continental United States to be considered. About the Team The IDC Security & Compliance organization (approximately 110 employees) is responsible for protecting one of the world's largest infrastructure environments. The team spans threat detection, data center design security, compliance administration, leased data center security, and Data Bearing Device (DBD) governance. This role specifically supports the DBD Governance function, receiving daytoday direction from the governance lead. The team is actively modernizing processes and tooling, including the transition from paperbased workflows to structured, auditable systems of record. Role Summary We are seeking a Data Bearing Device (DBD) Security Operations Analyst to support operational governance of physical storage media across its full lifecycle-deployment, movement, sanitization, reuse, and destruction. This role is handson and operational, focused on intake triage, investigation, documentation, and crossfunctional coordination with data center operations, logistics, and engineering teams. This is not a static compliance role. The analyst will make real, riskbased decisions that directly impact the security posture of a global infrastructure environment. Key Responsibilities DBD Intake & Triage Triage incoming requests involving data bearing devices, including media moves, exception reviews, and sanitization status checks. Determine whether requests follow standard governance pathways or require escalation to the IDC Security team. Investigation & Analysis Investigate device state using internal systems (e.g., SeRF, StrongBox, IBOS, PWM), including: Provisioning history Chainofcustody records Sanitization status Inventory state Apply established precedents, internal policies, international standards, and industry best practices to decisionmaking. Documentation & Recordkeeping Document investigation findings and decision rationale in a clear, auditable manner. Support the ongoing transition from paperbased workflows to structured databasedriven tracking. Track open requests through resolution and maintain accurate records. CrossFunctional Coordination Partner with data center operations, logistics, and engineering teams to ensure DBD security requirements are met. Support compliance verification for sanitization and destruction processes. Identify recurring request patterns and flag gaps in documentation, tooling, or process design. Required Qualifications Bachelor's degree or equivalent experience in information security, data center operations, or a related field. 5+ years of experience in one or more of the following: Data center operations IT Asset Disposition (ITAD) IT asset management Data security or hardware lifecycle management Strong understanding of data bearing device lifecycles, including deployment, sanitization, destruction, and reuse. Experience with asset tracking, inventory management, or chainofcustody systems. Strong investigative and analytical skills, with the ability to research device history across multiple data sources. Clear, concise written communication skills for documenting findings and coordinating with stakeholders. Ability to work independently, manage multiple concurrent requests, and prioritize effectively. Note: Candidates whose experience is limited to software or application security without exposure to physical infrastructure, hardware lifecycle management, or data center operations are unlikely to be a fit for this role. Required Technical Experience Deep familiarity with NIST SP 80088 Rev. 1 media sanitization methods (Clear, Purge, Destroy) and how to apply them across different drive types and environments. Handson experience designing or operating secure media sanitization processes, including: Verification steps Documented certificates of destruction Experience implementing and enforcing chainofcustody controls from decommission through verified destruction, including tracking handlers, locations, and final disposition. Preferred / NicetoHave Experience Familiarity with media sanitization standards such as NIST 80088 and IEEE 2883. Experience in hyperscale or enterprise data center environments. Exposure to AIenabled tooling or automation used in operational governance. Understanding of compliance frameworks (SOX, SOC 2, ISO, PCI) as they relate to physical media handling and destruction. Certifications (Optional) No certifications are required, but the strongest signals include: CHAMP / CITAM (IAITAM) - Hardware asset management CISA (ISACA) - IT audit and controls Blancco Certified Erasure Professional - Directly aligned with NIST 80088 Additional helpful certifications: CompTIA Security+ - Foundational security and media sanitization concepts CISSP (Domain 7) - Physical and environmental security, including media handling Performance Measurement Success in this role will be measured by: Triage accuracy: Decisions align with established standards and precedents (spotchecked by the governance lead). Investigation completeness: Consistent use of all relevant systems before making recommendations. Response time: Intake requests triaged within defined SLAs. Escalation judgment: Standard cases handled independently; novel situations escalated appropriately. Documentation quality: Findings and rationale are clear, auditable, and reusable. Candidate Value Proposition Direct involvement in securing data bearing devices across their full lifecycle at massive scale. Exposure to hyperscale data center security operations few organizations can offer. Opportunity to work with emerging standards (IEEE 2883, NIST 80088) applied in realworld, highimpact scenarios. Meaningful contribution to sustainability and circularity initiatives tied to hardware reuse and destruction. A growing governance function building new frameworks and tooling-not a checkbox compliance role. Pay Details: $70.00 to $90.00 per hour Search managed by: William Staadt Benefit offerings available for our associates include medical, dental, vision, life insurance, short-term disability, additional voluntary benefits, EAP program, commuter benefits and a 401K plan. Our benefit offerings provide employees the flexibility to choose the type of coverage that meets their individual needs. In addition, our associates may be eligible for paid leave including Paid Sick Leave or any other paid leave required by Federal, State, or local law, as well as Holiday pay where applicable. Equal Opportunity Employer/Veterans/Disabled Military connected talent encouraged to apply To read our Candidate Privacy Information Statement, which explains how we will use your information, please navigate to The Company will consider qualified applicants with arrest and conviction records in accordance with federal, state, and local laws and/or security clearance requirements, including, as applicable: The California Fair Chance Act Los Angeles City Fair Chance Ordinance Los Angeles County Fair Chance Ordinance for Employers San Francisco Fair Chance Ordinance Massachusetts Candidates Only: It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.

Created: 2026-03-05