Manager Security Compliance and Risk Management

Reed TechnologyRaleigh, NC
$118,300 - $219,800Hybrid

About The Position

The Manager, Security – Security Compliance & Risk Management is responsible for leading the Security Compliance and Risk Management function within the Information Security organization. This role owns the frameworks, processes, and programs that provide structured oversight of technology and security risk across the company. This manager serves as a critical bridge between the security program and the business — translating risk into actionable insight for executives, boards, auditors, regulators, and customers. This is a people manager role overseeing a team of security engineers responsible for the day-to-day operationalization of audit, compliance, control, and FedRAMP Continuous Monitoring activities. The right candidate is both a capable program builder and an engaged people leader who can develop talent, allocate work effectively, and drive consistent execution across the team.

Requirements

  • Experience in leading security compliance and risk management functions.
  • Experience in managing a team of security engineers.
  • Experience in developing and operating risk registers.
  • Experience in leading risk exception and acceptance processes.
  • Experience in driving the identification, escalation, and resolution of cybersecurity risks and issues.
  • Experience in providing risk-based reporting to executive and board-level decision-making.
  • Experience in overseeing enterprise control management activities.
  • Experience in mapping controls to frameworks like NIST CSF, ISO 27001, SOC 2.
  • Experience in supporting cybersecurity compliance certifications (e.g., ISO 27001, SOC 2, Cyber Essentials).
  • Experience in regulatory horizon scanning.
  • Experience in coordinating and monitoring security and compliance assessments.
  • Experience in developing and reporting on metrics for organizational adherence to security policies.
  • Experience in overseeing end-to-end execution of audit engagements.
  • Experience serving as a primary interface for auditors and regulators.
  • Experience ensuring cross-functional coordination for audit readiness.
  • Experience overseeing the maintenance of an assurance evidence library.
  • Experience in providing oversight for FedRAMP Continuous Monitoring programs.
  • Experience overseeing the execution of recurring ConMon activities.
  • Experience tracking and managing findings and remediation activities.
  • Experience serving as an escalation point for ConMon-related issues.

Nice To Haves

  • Capability as a program builder.
  • Engaged people leader.
  • Ability to develop talent.
  • Ability to allocate work effectively.
  • Ability to drive consistent execution across the team.

Responsibilities

  • Manage, mentor, and develop a team of security engineers
  • Set clear priorities, delegate work effectively, and maintain team capacity across concurrent audit, compliance, and ConMon activities
  • Foster a culture of quality, accountability, and continuous improvement within the team
  • Own and operate the enterprise technology and security risk register, including risk identification, scoring, tracking, and reporting
  • Lead the risk exception and risk acceptance process, ensuring appropriate documentation, approvals, and periodic review
  • Drive identification, escalation, and resolution of cybersecurity risks and issues across the organization
  • Serve as a trusted advisor to business and technology stakeholders on compliance and risk matters
  • Provide risk-based reporting to support executive and board-level decision-making on the state of the security program
  • Oversee enterprise control management activities, including control design, testing, effectiveness tracking, issue management, and remediation
  • Map controls to applicable frameworks including NIST CSF, ISO 27001, SOC 2, and other relevant technology-sector obligations
  • Support and maintain cybersecurity compliance certifications and initiatives (e.g., ISO 27001, SOC 2, Cyber Essentials)
  • Perform regulatory horizon scanning to identify emerging compliance requirements and assess organizational impact
  • Coordinate and monitor recurring security and compliance assessments, including internal reviews, control self-assessments, and gap analyses
  • Develop and maintain metrics that measure organizational adherence to security policies, and report findings to leadership with recommendations for remediation where gaps exist
  • Oversee the team’s end-to-end execution of audit engagements, ensuring the audit calendar, evidence collection, issue tracking, and management responses are completed accurately and on time
  • Serve as the primary interface for internal audit, external auditors, regulators, and customer assurance reviews, directing team members on their respective workstreams
  • Ensure cross-functional coordination is in place so that business and technical stakeholders are audit-ready and delivering evidence on time
  • Oversee the maintenance and integrity of the assurance evidence library to support efficient, repeatable, and high-quality audit response across all engagements
  • Provide oversight and direction for the FedRAMP Continuous Monitoring program, ensuring all ConMon obligations are met in accordance with FedRAMP requirements
  • Oversee the team’s execution of recurring ConMon activities, ensuring deliverables are accurate, timely, and aligned with agency expectations
  • Ensure findings and remediation activities are tracked and managed to resolution within required timeframes
  • Serve as an escalation point for ConMon-related issues and interface with relevant stakeholders on program status and risk

Benefits

  • Annual incentive bonus
  • Country specific benefits
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service