Senior Cybersecurity and Compliance Director

Emergent LLC-posted 3 days ago
Full-time • Mid Level
Hybrid • Virginia Beach, VA
251-500 employees
Resume
Match Score
Upload and Match ResumeTrack Jobs with Teal

The Senior Cybersecurity and Compliance Director is a senior level role responsible for establishing, managing, and continuously improving the company’s internal information security, cybersecurity compliance, and risk management programs. This leadership role ensures the organization meets all obligations associated with supporting state and local government clients, federal civilian agencies, and DoD contractors, including compliance with NIST SP 800-171, CMMC, ISO/IEC 27001:2022, and PCI-DSS (as required). Reporting directly to the General Counsel, the Senior Cybersecurity and Compliance Director drives internal cybersecurity governance, oversees enterprise risk decisions, ensures regulatory and contractual compliance, and serves as the final authority over all internal security controls, policies, security operations, and incident response.

  • Develop and execute a corporate cybersecurity strategy aligned with business objectives, risk appetite, regulatory requirements, and government contracting obligations.
  • Lead the internal security function, including security engineering, security operations, governance, and privacy alignment.
  • Advise the General Counsel and executive leadership team on cyber risk, compliance exposure, and major security decisions.
  • Provide regular reporting to executive leadership, the CEO, and the Board on security posture, risks, incidents, and compliance programs.
  • Responsible for corporate compliance with all government and industry cybersecurity frameworks:
  • NIST SP 800-171
  • CMMC (current and emerging versions)
  • DFARS 252.204-7012 obligations
  • FAR & agency-specific security clauses for civilian agency support
  • State and local government IT security requirements
  • ISO/IEC 27001:2022
  • PCI-DSS (as applicable)
  • Oversee the internal Information Security Management System (ISMS) and maintain certification readiness.
  • Lead internal audits, evidence collection, POA&M management, and continuous monitoring.
  • Maintain a current System Security Plan (SSP), risk register, and compliance documentation library.
  • Ensure all contractual cybersecurity clauses and flow-downs are properly implemented across the organization.
  • Lead enterprise security operations, including vulnerability scanning and remediation, endpoint and mobile device security, network and cloud security (Azure/AWS/O365, etc.), identity and access management (IAM/MFA/privileged access) and SIEM, logging, and monitoring.
  • Oversee the enterprise’s incident detection and response program, including tabletop exercises, escalation procedures, after-action reporting, and legally mandated notifications.
  • Ensure secure design and implementation of all internal IT systems, SaaS platforms, and corporate infrastructures.
  • Own and manage the corporate cybersecurity risk management program.
  • Conduct and oversee periodic risk assessments and ensure appropriate risk treatment decisions.
  • Present risk acceptance or mitigation recommendations to the General Counsel and executive team.
  • Ensure cybersecurity is fully integrated with enterprise risk, legal review, and corporate governance processes.
  • Work closely with the General Counsel on regulatory compliance, contract reviews incident response coordination, data protection and privacy obligations and government security clauses and reporting.
  • Collaborate with Finance, HR, IT, Sales, and Operations to embed security into enterprise processes, onboarding/offboarding, procurement, and solution development.
  • Support Sales and Contracts on internal security representations (e.g., RFP responses, vendor security reviews).
  • Oversee third-party risk assessments, due diligence, contract security language, and ongoing monitoring.
  • Ensure that subcontractors, SaaS applications, cloud services, and strategic partners meet internal and client-imposed security requirements.
  • Maintain and enforce vendor security policies and security addenda.
  • Bachelor’s degree in cybersecurity, information technology, business, or related discipline; Master’s preferred and/or equivalent work experience.
  • 10+ years of experience in cybersecurity and information security roles.
  • 5+ years in senior leadership or CISO-level capacity.
  • Direct experience managing internal cybersecurity programs within a government contracting, technology, or professional services organization.
  • Expert-level knowledge of NIST SP 800-171, CMMC, ISO/IEC 27001:2022, DFARS, FAR, and federal agency cybersecurity requirements, state and local government security expectations, and PCI-DSS (where applicable).
  • Proven ability to lead internal incident response, risk management, and enterprise GRC programs.
  • Senior leader-level communication and ability to articulate cybersecurity risk to legal, operational, and business leaders.
  • Strong decision making, judgment, and ability to prioritize risk in a business-focused environment.
  • Integrity, confidentiality, and composure in handling sensitive or high-impact matters.
  • Deep understanding of federal, state, and local government contracting cybersecurity requirements.
  • CISSP, CISM, CRISC or CGEIT, PCI ISA/QSA experience beneficial
  • Comprehensive Health, Dental, and Vision plans
  • Premier 401k retirement plan with corporate matching and a 529 college saving plan
  • Tax-advantaged Health Savings Account and Dependent Care Flexible Spending Account options
  • Legal Resources
  • Generous work/life balance opportunities supported by a PTO bank, paid holidays, leave programs and additional flex time off
  • Employee referral program
  • Employee recognition, gift and reward program
  • Tuition reimbursement for continuing education
  • Remote or hybrid work options
  • Engaging company events such as team building activities, annual awards and kick-off parties
  • Health and wellness-focused activities
  • Relaxation Spaces
  • In-office gourmet coffee, tea, fresh fruit and healthy snacks
  • Corporate GREEN approach – tracking energy consumption for reduction and purchasing only environmentally friendly products for our offices
Track Jobs with Teal

Job Search Resources

Resume Builder
Compliance Director Resume Examples
Cover Letter Examples

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service