Cybersecurity Compliance Lead - Remote - FS437

About The Position

Requirements

• Bachelor’s degree in Computer Science, Information Systems, Cybersecurity, or a related field
• Professional certification in security or compliance domains, such as CISSP, CISA, CISM, or CRISC
• 3 years of experience in security or compliance roles, preferably in a similar industry or sector
• Experience in auditing Managed Service Providers (MSPs) and multi-tenant environments is essential
• Experience differentiating between in scope and out of scope and a line of demarcation between corporate networks, service networks, and customer cloud network, typically in an MSP context
• Experience managing audit when only part of the corporate network and Active Directory are in scope
• Ideal candidate will have technical experience with networks, Active Directory, perimeter security, systems, storage backup, disaster recovery, and virtual private networking
• Proficient in security and compliance frameworks and standards, such as NIST 800-53, ISO 27001, PCI DSS, SOC 2, or HIPAA
• Self-motivated, with the ability to adapt to change
• Excellent communication, writing, and presentation skills
• Ability to communicate effectively with different audiences and levels of authority
• Interpersonal skills to influence and spur change
• Strong analytical, problem-solving, and decision-making skills
• Ability to manage client expectations
• Excellent planning and organization skills
• Ability to work independently and collaboratively in a fast-paced and dynamic environment
• Energetic, professional, enthusiastic, and positive attitude
• Strong work ethic, high integrity, and commitment to success

Responsibilities

• Lead the cybersecurity compliance program, combining hands-on operations with program leadership responsibilities
• Develop and mentor cybersecurity team members, including direct supervision, goal-setting, and professional development of junior analysts
• Lead development and execution of cybersecurity compliance strategies and solutions
• Drive organizational security program maturity through metrics development and process improvement
• Maintain compliance frameworks and attestations, including NIST CSF, ISO 27001, and SOC 2 Type II
• Provide strategic guidance to vulnerability management programs and security initiatives
• Conduct and oversee audits and assessments of systems, policies, and practices
• Develop and implement solutions to improve security compliance posture and performance
• Lead internal and external audit processes for cloud division operations
• Manage BIA, BCDR/IR planning, testing, and vendor risk management programs
• Serve as primary liaison with management, auditors, clients, and business partners
• Present compliance status and strategic recommendations to executive leadership
• Coordinate cross-functional teams to support security initiatives
• Manage client assurance programs and security questionnaire responses
• Research and maintain expertise in evolving security laws, regulations, and best practices
• Advise on security awareness training program on security compliance requirements
• Provide guidance on compliance decisions and risk acceptance recommendations
• Develop and maintain risk management strategy, policies, and procedures
• Ensure alignment between security compliance activities and enterprise risk management
• Continuously introduce positive changes and promote adoption of best practices to enhance security program effectiveness
• Foster a culture of security awareness and compliance throughout the organization
• Hiring, leading, and mentoring
• Contribute to interview and hiring process as needed
• Lead by example and have a strong ability to inspire and motivate people to success
• Collaborate with other teams and lead initiatives to successful outcomes
• Foster a spirit of teamwork and unity