Director - IT Compliance

USA Rare Earth, LLC
$215,000 - $239,000

About The Position

USA Rare Earth is seeking a highly skilled and adaptable Director of IT Compliance to lead the development, implementation, and acceleration of the company’s IT compliance, governance, and risk management programs during a period of rapid growth and regulatory change. This role is critical as the organization prepares for an accelerated SOX and regulatory compliance timeline, requiring a leader who can build programs from the ground up, operationalize policies across the business, and partner effectively with technical and non-technical teams in both IT and manufacturing (OT) environments. The ideal candidate brings deep compliance expertise combined with a pragmatic, collaborative leadership style and experience operating in fast-paced, evolving organizations (startup, scale-up, or highly dynamic environments). This position works closely with cybersecurity, operations, finance, quality, legal, and external auditors to ensure the company remains secure, compliant, and audit-ready without disrupting production or business momentum.

Requirements

  • 8–12+ years of experience in IT compliance, IT audit, cybersecurity governance, or related fields.
  • Bachelor’s degree in Information Technology, Cybersecurity, Business, or related field (Master’s preferred).
  • Demonstrated experience building and scaling compliance programs in growing or evolving organizations.
  • Experience in manufacturing, industrial, or regulated environments strongly preferred.
  • Proven ability to lead audits and regulatory initiatives under compressed timelines.

Nice To Haves

  • CISA, CISM, CRISC, CISSP, ISO 27001 Lead Implementer/Auditor, or similar.

Responsibilities

  • Compliance Program Leadership
      • Build, implement, and mature the company’s IT compliance framework aligned with standards such as ISO 27001, NIST CSF, SOX, CMMC, GDPR, and industry-specific requirements.
      • Lead accelerated compliance initiatives in response to changing SOX and regulatory obligations.
      • Develop, refine, and roll out IT policies, procedures, and technical controls across the enterprise, ensuring adoption and understanding by stakeholders.
      • Lead internal and external IT audits, including planning, evidence collection, remediation, and reporting.
      • Monitor regulatory changes and emerging compliance risks and advise leadership on required actions.
  • Risk Management & Governance
      • Conduct regular IT and OT risk assessments and drive mitigation strategies in collaboration with business and technical teams.
      • Oversee third-party and vendor risk management, including security assessments and contract compliance.
      • Embed compliance requirements into new technology initiatives, system upgrades, and digital transformation projects.
      • Establish governance structures that support consistent and scalable control implementation across business units.
  • Cybersecurity & Manufacturing Alignment
      • Partner with cybersecurity teams to ensure security controls meet regulatory and compliance expectations.
      • Support incident response planning, tabletop exercises, and post-incident reviews from a compliance perspective.
      • Ensure manufacturing systems (ICS/SCADA/OT) adhere to security and compliance standards while maintaining production continuity.
  • Training, Communication & Culture
      • Develop and deliver IT compliance training and awareness programs for employees, contractors, and system owners.
      • Promote a culture of accountability, security, and compliance through clear communication and collaborative engagement.
      • Translate complex compliance requirements into practical, business-friendly guidance for teams under high operational pressure.
  • Documentation & Reporting
      • Maintain accurate documentation of controls, processes, audit results, and remediation activities.
      • Provide regular compliance updates and risk reporting to executive leadership.
      • Track and report key compliance metrics and risk indicators.