Director of Information & Cybersecurity Compliance (HYBRID)

About The Position

Requirements

• Bachelor’s degree in Computer Science or a related discipline
• Established foundation in cyber law, regulatory compliance or equivalent experience working closely with legal and regulatory bodies.
• 8+ years in information security, compliance, audit, legal and/or cyber risk management roles with increasing leadership responsibility.
• Demonstrated experience managing regulatory interactions, security audits, and enterprise compliance programs.
• Proven skills leading and developing high-performing teams in complex, regulated environments.
• Established understanding of cybersecurity regulatory landscapes and assurance practices within large organizations.
• Passion for leading, coaching, and developing team members.
• Agile Methodologies: Knowledge of concept and principles of agile methodology; ability to apply appropriate agile approaches in the processes of software development and delivery.
• Coaching Others: Knowledge of coaching and mentoring concepts and methods; ability to encourage, motivate, and guide individuals in learning and improving effectiveness.
• Information Security Management: Knowledge of the processes, tools and techniques of information security management; ability to deploy and monitor information security systems, while detecting, controlling and preventing violations of IT security.
• IT Governance: Knowledge of the accountability framework and processes used to encourage proper behavior in IT activities and operations; ability to implement IT systems and controls to meet business needs and requirements.

Nice To Haves

• Juris Doctorate or Master’s in Cybersecurity
• CISSP, CISM, CISA, CRISC or equivalent credentials

Responsibilities

• Design, implement, and continuously enhance the organization’s information security compliance program, ensuring alignment with regulatory requirements and industry best practices (e.g. NIST CSF, ISO, CIS, SOC, etc.).
• Serve as a trusted advisor on compliance risks, emerging regulatory requirements and strategic security initiatives.
• Lead enterprise control assurance and compliance testing programs, identifying gaps, driving remediation and ensuring continuous improvement.
• Maintain audit readiness through routine control evaluations, evidence management and collaborative remediation planning across functions.
• Oversee the 3rd party vendor security assessment function, due diligence and risk scoring, ensuring alignment with internal standards and regulatory obligations.
• Act as a subject matter expert for security assessments and guide responses to questionnaires.
• Lead interactions with examiners, audit and client review teams.
• Drive enterprise readiness for regulatory examinations and coordinating cross-functional preparation.
• Direct enterprise security risk assurance reviews and ensure risks are documented, communicated and addressed effectively through structured risk management plans.
• Build, mentor and empower a high-performing compliance and assurance team, fostering a culture of accountability, growth and partnership.
• Communicate complex regulatory and technical topics in accessible terms to executives, business leaders, clients and operational teams.
• Continue to build strong trusted relationships across IT, Audit, Legal, Privacy and Risk Management teams.
• Performs additional responsibilities as requested to meet overall business objectives.

Benefits

• Equitable provides a full range of benefits. This includes medical, dental, vision, a 401(k) plan, and paid time off.