Director of Information Security & Compliance
Job description
We are seeking an experienced Director of Information Security & Compliance to lead and strengthen our cybersecurity, risk management, and regulatory compliance programs. This role will be responsible for developing security strategy, ensuring compliance with federal and industry standards, and protecting enterprise systems, networks, and cloud infrastructure.
- Develop and execute the organization's information security strategy.
- Lead cybersecurity, risk management, incident response, and business continuity initiatives.
- Manage compliance programs including SOC 2, FedRAMP, NIST, and related security frameworks.
- Oversee cloud security architecture and governance within Gov Cloud.
- Direct firewall strategy, network security controls, and vulnerability management programs.
- Conduct security risk assessments and implement remediation plans.
- Collaborate with executive leadership on security posture, compliance requirements, and risk mitigation.
- Manage third-party security assessments and vendor risk programs.
- Develop and maintain security policies, procedures, and training programs.
- Lead internal and external audits and support regulatory compliance initiatives.
Requirements
Do you have experience in stakeholder management?
Do you have a Bachelor's degree?
The ideal candidate will have extensive experience with SOC 2, FedRAMP, firewall administration, Gov Cloud, and security governance frameworks. Experience with CMMC (Cybersecurity Maturity Model Certification) is highly desirable.
- Bachelor's degree in Information Security, Computer Science, Information Technology, or related field.
- 8+ years of progressive information security experience, including leadership responsibilities.
- Demonstrated experience leading or supporting FedRAMP compliance initiatives.
- Strong experience with SOC 2 (Service Organization Control) audits and compliance programs.
- Extensive knowledge of firewall technologies, network security, and cybersecurity best practices.
- Hands-on experience with Gov Cloud security and administration.
- Strong understanding of NIST 800-53, risk management frameworks, and security governance.
- Excellent leadership, communication, and stakeholder management skills.
Preferred Qualifications
- Experience with CMMC (Cybersecurity Maturity Model Certification) programs.
- Professional certifications such as CISSP, CISM, CISA, CCSP, or similar.
- Experience supporting government contractors or highly regulated industries.
- Familiarity with vulnerability management, SIEM platforms, and cloud security tools.
Benefits & conditions
- Competitive salary and bonus opportunity.
- Comprehensive benefits package.
- Flexible work environment.
- Opportunity to build and lead enterprise security programs.
- High visibility with executive leadership and strategic initiatives.
Pay: $90,000.00 - $120,000.00 per year