Senior IT Compliance Analyst jobs in United States
cer-icon
Apply on Employer Site
company-logo

onsemi · 19 hours ago

Senior IT Compliance Analyst

position5701 N Pima Road, Scottsdale, AZ, 85250, US
timeFull-time
remoteOnsite
seniorityMid, Senior Level
date3+ years exp

onsemi is a company driving disruptive innovations to help build a better future. The Senior IT Compliance Analyst will lead the governmental IT compliance program, ensuring adherence to federal standards and driving compliance initiatives across the organization.

AutomotiveCommercialConsumer ElectronicsEnergyEnergy EfficiencyInternet of ThingsRenewable EnergySalesSensor
badNo H1BnoteU.S. Citizen Onlynote

Responsibilities

Develop and lead onsemi’s enterprise-wide compliance strategy and program, covering CMMC, DFARS, NIST 800-171, ITAR/EAR, and CUI handling, including policies, procedures, and controls
Drive CMMC compliance initiatives, ensuring adherence to NIST SP 800-171 standards and serving as the primary liaison with external CMMC Third-Party Assessor Organizations (C3PAOs) and internal IT and Legal & Compliance teams
Identify and assess compliance risks and gaps related to CUI and technical data; develop and implement mitigation strategies and Plans of Action and Milestones (POA&Ms)
Lead remediation efforts for POA&Ms during CMMC Level 2 gap assessments and prepare onsemi for achieving CMMC Level 2 certification by 2027
Oversee ITAR and export compliance remediation for IT-related gaps, partnering with Legal and Compliance teams to ensure regulatory adherence
Prepare, maintain, and manage all required documentation, including System Security Plans (SSPs), POA&Ms, security logs, and training records, ensuring audit readiness for government or third-party assessments
Advise senior leadership on strategic IT compliance risks, mitigation plans, and integration with business objectives
Manage audit readiness and external assessments, ensuring documentation, evidence, and control implementation meet regulatory requirements
Monitor regulatory updates (DoD, DDTC, etc.) and recommend adjustments to IT compliance programs
Conduct IT compliance gap assessments and collaborate with IT, Business, Facilities, Legal, and Compliance teams to ensure security, access, and incident reporting controls comply with CUI, ITAR, and EAR requirements
Support incident reporting and response coordination, ensuring DFARS and ITAR/EAR IT requirements are met
Develop, implement, and enforce cybersecurity policies, incident response plans, and SSPs to protect CUI
Maintain compliance metrics and risk tracking, reporting status and findings to leadership
Continuously evaluate and enhance compliance programs, incorporating industry best practices and benchmarking
Lead policy governance, including development, review, and lifecycle management of compliance-related policies
Develop and deliver compliance training and awareness programs for employees and contractors handling CUI or export-controlled data
Provide end-user support and training on IT tools, cybersecurity awareness, and best practices

Qualification

CMMC complianceNIST 800-171ITAR complianceDFARS complianceCompliance risk managementControlled Unclassified InformationSSP/POA&M developmentCybersecurity policiesIncident response planningSecurity auditing

Required

3 to 5 years of experience in compliance, information security, or defense contracting
3 to 5 years of experience in cybersecurity, with a focus on CMMC compliance or a similar framework (e.g., NIST 800-171, ISO 27001, ITAR, EAR)
3 to 5 years of experience with U.S. export laws; practical application of NIST 800‑171 control families; building SSP/POA&M; enabling SPRS submissions and audit readiness
Deep understanding of Controlled Unclassified Information (CUI) regulations, including NIST SP 800-171 and DFARS
Familiarity with FAR, DFARS, ITAR, and EAR regulations and their application to CUI handling
Familiarity with SSPs, POA&Ms, and CMMC compliance documentation
Experience developing and overseeing CUI programs to ensure compliance with federal regulations
Experience preparing organizations for DoD audits, CMMC assessments, and government security reviews
Proficient in compliance risk management, monitoring controls, and implementing remediation plans
Strong knowledge of risk management processes, security auditing, and incident response planning

Company

onsemi

twittertwittertwitter
Glassdoor3.6
company-logo
onsemi (Nasdaq: ON) is driving disruptive innovations to help build a better future.
dateFounded in 1999
location
Phoenix, Arizona, USA
people-size10001+ employees
web-link
http://www.onsemi.com

Funding

Current Stage
Public Company
Total Funding
unknown
2022-12-09Post Ipo Equity
2000-04-28IPO

Leadership Team

leader-logo
Hassane El-Khoury
President, CEO & Board Member
linkedin
leader-logo
Thad Trent
Chief Financial Officer and Executive Vice President
linkedin

Recent News

MarketScreener
Onsemi to Develop Next-Generation GaN Power Devices with GlobalFoundries
2025-12-18
GlobeNewswire
onsemi and FORVIA HELLA Extend Strategic Collaboration with Next-Generation Power Technology
2025-12-11
Semiconductor Components Industries, LLC
onsemi and Innoscience Announce Plans to Collaborate to Speed Global Rollout of GaN Power Portfolio
2025-12-02
Company data provided by crunchbase