Cyber Security Compliance Manager

About The Position

Requirements

• Minimum 6 years of experience in corporate compliance, cybersecurity governance, or risk management.
• Bachelor’s degree in Management Information Systems (MIS), Computer Science (CS), or a related field (Master’s preferred).
• Proven success managing SOC 2, FedRAMP, or NIST 800-171 programs.
• Deep understanding of IT and security controls across cloud, network, and endpoint environments.
• Exceptional organizational skills with a strong ability to manage multiple projects under tight deadlines.
• Clear and concise communicator, capable of interfacing effectively with executives, engineers, and auditors.
• Proven negotiation, documentation, and analytical skills with acute attention to detail.
• Self-motivated, resourceful, and adaptable in a fast-moving, high-accountability culture.
• Excellent written communication and presentation skills.

Nice To Haves

• Certifications such as CISA, CISM, CISSP, CRISC, or ISO 27001 Lead Implementer/Auditor.
• Experience with FedRAMP Moderate or High Baseline and working knowledge of SSPs, POA&Ms, and continuous monitoring.
• Familiarity with cloud platforms (Azure, AWS, GCP) and their compliance ecosystems.
• Prior experience working in a cybersecurity, SaaS, or technology company.
• Demonstrated ability to translate technical security requirements into actionable compliance controls.

Responsibilities

• Develop and implement organizational compliance strategies that align with company objectives.
• Design, monitor, and enhance control systems to detect and prevent violations of legal rules and internal policies.
• Collaborate with leadership to advance ThreatLocker’s corporate governance and compliance maturity.
• Align documentation, processes, and controls with frameworks including SOC 2 Type II, FedRAMP, NIST 800-171, ISO 27001, and other emerging standards.
• Own and lead external audit engagements, including evidence collection, gap remediation, and continuous improvement tracking.
• Oversee the development, review, and management of corporate compliance and information security policies.
• Identify, assess, and mitigate organizational and product risks through collaboration with technical and operational teams.
• Conduct internal compliance audits and risk assessments to verify adherence to internal and external standards.
• Manage vendor and supply chain compliance processes, including due diligence and ongoing risk monitoring.
• Develop and deliver staff compliance training and awareness programs.
• Establish compliance metrics and KPIs; report posture and audit readiness to senior leadership.
• Support compliance components of product specifications, liaise with customers and auditors, and provide documentation during due diligence or RFP processes.
• Minimize legal and regulatory risks by staying current with legislation and recommending procedural updates.
• Work closely with the Sales team to support RFQs, RFPs, and customer due diligence requests by providing timely and accurate compliance documentation.
• Other duties as assigned.