We are looking for an experienced IT Compliance Analyst to help strengthen and mature our technology risk, security, and compliance programs. This is an excellent opportunity for a detail-oriented, collaborative professional who enjoys building strong controls, supporting audit readiness, and partnering across IT, Security, and business teams to protect the organization and support continued growth.
In this role, you will serve as a trusted compliance partner and subject matter expert, helping align internal controls and security practices with key frameworks such as SOX, CMMC, SOC 2, NIST, and ISO/IEC 27001. You will support audits, assess risks, coordinate evidence, strengthen vendor and customer security review processes, and contribute to emerging areas such as AI risk governance and business continuity readiness.
Why This Role Matters
Technology compliance is critical to CNA National’s ability to operate securely, serve our customers, and continue advancing our security and risk programs. The IT Compliance Analyst will play a key role in reducing compliance risk, improving audit preparedness, and helping teams translate complex regulatory and security expectations into clear, practical actions.
Schedule and Location
Role is based in Scottsdale, Arizona, working a hybrid schedule of four days in the office and one day remote.
What You’ll Do
-
Support IT compliance programs through control assessments, audit coordination, evidence preparation, and continuous monitoring.
-
Partner with IT, Security, Development, and business teams to identify risks, address control gaps, and improve compliance readiness.
-
Lead or support security and privacy assessments, vendor risk reviews, and customer security questionnaire responses.
-
Map internal policies and technical safeguards to applicable frameworks, including SOX, CMMC, SOC 2, NIST, and ISO/IEC 27001.
-
Contribute to AI risk and governance activities by helping assess use cases, document controls, and support responsible AI practices.
-
Assist with business continuity, disaster recovery, and team documentation efforts to support operational resilience.
What You’ll Bring
-
Strong experience in IT, security, audit, risk, or compliance, with hands-on knowledge of common security frameworks and control environments.
-
Experience supporting audits, managing evidence requests, documenting controls, and working with GRC tools.
-
Excellent communication skills with the ability to explain technical and compliance requirements clearly to a variety of stakeholders.
-
A collaborative, solutions-oriented mindset and the ability to manage multiple priorities with accuracy and follow-through.
-
Curiosity and adaptability as compliance expectations evolve, including emerging areas such as AI governance and security risk management.
Why Join CNA
At CNA, your work makes a meaningful impact. We are a respected leader in automotive protection products with a strong history, award-winning service, and a continued focus on investing in our people and technology. You’ll join a collaborative team environment where integrity, accountability, innovation, and customer focus guide how we serve our clients and support one another.
If you are passionate about compliance, security, risk management, and building practical solutions that help an organization operate with confidence, we encourage you to apply.