Compliance Analyst – ISO 42001 / CMMC / SOC 2

This role supports By Light’s Security Operations Center (SOC) and compliance initiatives, with a focus on achieving and maintaining certifications under ISO/IEC 42001 (AI Management Systems), CMMC Level 2, and SOC 2. The ideal candidate will assist in the implementation, documentation, monitoring, and continuous improvement of enterprise security controls to meet internal policy, federal requirements, and industry standards. This is a hands-on role that blends technical knowledge, compliance strategy, audit preparation, and cross-team collaboration to ensure enterprise-wide security and assurance for AI, cloud, and IT/OT systems. Responsibilities include supporting compliance operations aligned with ISO/IEC 42001, CMMC Level 2, and SOC 2 frameworks, maintaining security documentation, assisting in the implementation and monitoring of cybersecurity controls, and collaborating with IT, engineering, and operations teams. The role also involves developing compliance metrics, conducting internal control reviews, tracking security incidents, and providing briefings to leadership.