Information Security Compliance Lead

Dragonfli Group, Washington, DC
Hybrid

About The Position

Dragonfli Group is seeking an Information Security Compliance Lead for a high-stakes, client-facing engagement. This is a pure-play GRC role supporting an active information security program within a premier client environment. The successful candidate will act as a primary lead for the GRC function, requiring deep compliance execution experience, exceptional professional presence, and the ability to operate with total autonomy from day one. The right candidate will be able to manage audit cycles and platform implementations immediately.

Requirements

  • 2-5+ years supporting information security in large, complex environments (Law firm or Big 4 experience strongly preferred).
  • Expert-level working knowledge of ISO 27001 and NIST CSF.
  • Proven experience implementing or managing Vanta or equivalent trust center platforms.
  • Exceptional written and interpersonal communication skills; ability to produce "client-ready" deliverables without internal oversight.
  • Bachelor's degree in computer science, information security, or related field; equivalent experience considered.
  • Preferred certifications: CISSP, CISA, or CompTIA Security+.

Nice To Haves

  • GRC platform expertise (Vanta, OneTrust, Archer, or ServiceNow GRC).
  • Security questionnaire automation tools (Whistic, Responsive, Loopio).
  • Third-party risk management (TPRM) fundamentals and SOC 2 Type I/II audit support.
  • GDPR, CCPA, and AI privacy regulation familiarity.
  • Evidence collection, audit artifact management, and policy lifecycle management.
  • Risk register development and maintenance.
  • Business continuity and disaster recovery documentation support.
  • Strong proficiency in Microsoft 365 (SharePoint, Teams, Word, Excel) for collaboration.
  • Experience working in a ticketing or GRC workflow environment (Jira, ServiceNow).

Responsibilities

  • Independently complete complex client security questionnaires and audit responses using established firm precedent and maintain organized submission records.
  • Lead compliance monitoring and enforcement against ISO 27001 and ISO 42001 (AI Management System).
  • Directly manage the 30-day implementation and optimization of the Vanta trust center platform.
  • Conduct and document risk assessments, policy reviews, and audit evidence gathering for an upcoming audit window.
  • Develop and maintain cybersecurity policies and procedures aligned to regulatory requirements and AI/ML-enabled monitoring.
  • Deliver and track compliance training and awareness initiatives; report outcomes to leadership.
  • Interface directly with client legal, compliance, and IT stakeholders as a polished representative of the firm.