Director of Information Security & Compliance

Resources, Inc
Doylestown, United States of America
17 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior
Compensation
$ 120K

Job location

Doylestown, United States of America

Tech stack

Application Firewall
Cloud Computing
Cloud Computing Security
Computer Security
Network Security
Security Information and Event Management
Software Vulnerability Management
Information Technology

Job description

We are seeking an experienced Director of Information Security & Compliance to lead and strengthen our cybersecurity, risk management, and regulatory compliance programs. This role will be responsible for developing security strategy, ensuring compliance with federal and industry standards, and protecting enterprise systems, networks, and cloud infrastructure.

  • Develop and execute the organization's information security strategy.
  • Lead cybersecurity, risk management, incident response, and business continuity initiatives.
  • Manage compliance programs including SOC 2, FedRAMP, NIST, and related security frameworks.
  • Oversee cloud security architecture and governance within Gov Cloud.
  • Direct firewall strategy, network security controls, and vulnerability management programs.
  • Conduct security risk assessments and implement remediation plans.
  • Collaborate with executive leadership on security posture, compliance requirements, and risk mitigation.
  • Manage third-party security assessments and vendor risk programs.
  • Develop and maintain security policies, procedures, and training programs.
  • Lead internal and external audits and support regulatory compliance initiatives.

Requirements

Do you have experience in Stakeholder management? Do you have a Bachelor's degree?

The ideal candidate will have extensive experience with SOC 2, FedRAMP, firewall administration, Gov Cloud, and security governance frameworks. Experience with CMMC (Cybersecurity Maturity Model Certification) is highly desirable.

  • Bachelor's degree in Information Security, Computer Science, Information Technology, or related field.
  • 8+ years of progressive information security experience, including leadership responsibilities.
  • Demonstrated experience leading or supporting FedRAMP compliance initiatives.
  • Strong experience with SOC 2 (Service Organization Control) audits and compliance programs.
  • Extensive knowledge of firewall technologies, network security, and cybersecurity best practices.
  • Hands-on experience with Gov Cloud security and administration.
  • Strong understanding of NIST 800-53, risk management frameworks, and security governance.
  • Excellent leadership, communication, and stakeholder management skills.

Preferred Qualifications

  • Experience with CMMC (Cybersecurity Maturity Model Certification) programs.
  • Professional certifications such as CISSP, CISM, CISA, CCSP, or similar.
  • Experience supporting government contractors or highly regulated industries.
  • Familiarity with vulnerability management, SIEM platforms, and cloud security tools.

Benefits & conditions

  • Competitive salary and bonus opportunity.
  • Comprehensive benefits package.
  • Flexible work environment.
  • Opportunity to build and lead enterprise security programs.
  • High visibility with executive leadership and strategic initiatives.

Pay: $90,000.00 - $120,000.00 per year
