Cybersecurity Compliance Lead
Employment Information
Report this job
Job expired or something wrong with this job?
Job Description
Cybersecurity Compliance Lead at Fresche Solutions responsible for leading the cybersecurity compliance program and mentoring team members. Overseeing audits, developing strategies, and fostering a security culture.
Responsibilities:
- Lead the cybersecurity compliance program, combining hands-on operations with program leadership responsibilities
- Develop and mentor cybersecurity team members, including direct supervision, goal-setting, and professional development of junior analysts
- Lead development and execution of cybersecurity compliance strategies and solutions
- Drive organizational security program maturity through metrics development and process improvement
- Maintain compliance frameworks and attestations, including NIST CSF, ISO 27001, and SOC 2 Type II
- Provide strategic guidance to vulnerability management programs and security initiatives
- Conduct and oversee audits and assessments of systems, policies, and practices
- Develop and implement solutions to improve security compliance posture and performance
- Lead internal and external audit processes for cloud division operations
- Manage BIA, BCDR/IR planning, testing, and vendor risk management programs
- Serve as primary liaison with management, auditors, clients, and business partners
- Present compliance status and strategic recommendations to executive leadership
- Coordinate cross-functional teams to support security initiatives
- Manage client assurance programs and security questionnaire responses
- Research and maintain expertise in evolving security laws, regulations, and best practices
- Advise on security awareness training program on security compliance requirements
- Provide guidance on compliance decisions and risk acceptance recommendations
- Develop and maintain risk management strategy, policies, and procedures
- Ensure alignment between security compliance activities and enterprise risk management
- Continuously introduce positive changes and promote adoption of best practices to enhance security program effectiveness
- Foster a culture of security awareness and compliance throughout the organization
Requirements:
- Bachelor’s degree in Computer Science, Information Systems, Cybersecurity, or a related field
- Professional certification in security or compliance domains, such as CISSP, CISA, CISM, or CRISC
- 3 years of experience in security or compliance roles, preferably in a similar industry or sector
- Experience in auditing Managed Service Providers (MSPs) and multi-tenant environments is essential
- Experience differentiating between in scope and out of scope and a line of demarcation between corporate networks, service networks, and customer cloud network, typically in an MSP context
- Experience managing audit when only part of the corporate network and Active Directory are in scope
- Ideal candidate will have technical experience with networks, Active Directory, perimeter security, systems, storage backup, disaster recovery, and virtual private networking
- Proficient in security and compliance frameworks and standards, such as NIST 800-53, ISO 27001, PCI DSS, SOC 2, or HIPAA
- Self-motivated, with the ability to adapt to change
- Excellent communication, writing, and presentation skills
- Ability to communicate effectively with different audiences and levels of authority
- Interpersonal skills to influence and spur change
- Strong analytical, problem-solving, and decision-making skills
- Ability to manage client expectations
- Excellent planning and organization skills
- Ability to work independently and collaboratively in a fast-paced and dynamic environment
- Energetic, professional, enthusiastic, and positive attitude
- Strong work ethic, high integrity, and commitment to success
Benefits:
- great work-life balance
- flexible hours
Similar Jobs
Lead Technical Consultant, Cybersecurity Defense
Lead Technical Consultant managing Cyber Defense projects across Germany, Austria, and Switzerland. Responsible for technical implementation and innovation in Cyber Defense architectures.
Staff Security Product Engineer
Security Engineer building AI-driven security products for application security and operations. Collaborating with product teams to design systems that act on security signals and workflows.
Cybersecurity Risk Engineer
Designing and maintaining secure cloud infrastructures as a Cybersecurity Engineer at Ensemble Health Partners. Focused on enhancing security controls and analyzing potential vulnerabilities in cloud structures.
Engineer, Cybersecurity Risk
Engineer II, Cybersecurity designing and maintaining secure infrastructures for Ensemble Health Partners, while analyzing cloud structures for enhanced security methods.
Senior AI Cybersecurity Engineer
AI Cybersecurity Engineer designing and executing cybersecurity-focused AI governance programs. Collaborating with cross-functional teams on secure AI solutions and policies while ensuring compliance and risk management.
Technical Writer, Cybersecurity
Technical Writer ensuring clarity and consistency in federal cybersecurity documentation. Edit and format various technical documents while collaborating with analysts and SMEs.
Cybersecurity Program Manager
Cybersecurity Program Manager overseeing contract performance and managing cybersecurity teams for federal clients in a remote capacity. Ensuring quality, audit-ready security assessment services are delivered.
Information Security Engineer
Information Security Engineer assessing web technologies and coordinating remediation at G-P. Collaborating with teams to enhance application security and develop automation tools.
Senior Security Architect
XAAS Consultant advising clients on IT Security, focusing on infrastructure, cloud, and application security. Involves hands-on security assessments and developing security architectures.
Security Specialist – Cryptography
Security Specialist focusing on Cryptography for remote projects at The Whiteam Consulting. Collaborating with technology consultants to optimize business profitability.
Protection and Security Specialist
Sicherheitskraft plant und setzt Maßnahmen zur Gefahrenabwehr für Veranstaltungen um. Zusammenarbeit mit Kunden und Behörden in einem der größten Messeunternehmen der Welt.
Information System Security Officer
Information System Security Officer managing security authorization for federal information systems. Overseeing RMF lifecycle activities and ensuring compliance with federal directives.
KMS Security Engineer – Security
KMS Security Engineer ensuring security in crypto wallets for a leading money app company. Responsible for mitigating security risks and collaborating with development teams to maintain security integrity.
Staff Security Engineer
Staff Security Engineer role at a Managed Service Provider overseeing security solutions across diverse clients. Focus on technical leadership, architecture, mentoring, and compliance.
Bug Bounty Security Researcher
Bug Bounty Security Researcher identifying and reporting vulnerabilities in software applications and systems for Inspectiv. Contributing to improving security and participating in bug bounty programs.
IT Security Compliance Assurance Manager – CAM
Information Security Compliance Assurance Manager at Gainwell, managing audits and compliance with HIPAA and NIST frameworks for the organization. Leading security controls and compliance efforts with executive stakeholders and IT.
Social Security Disability Case Manager
Social Security Disability Claims Case Manager at Mindset assisting clients with claims application processes. Responsible for gathering documentation and advocating for clients' claims.
Analyst – Cyber Security Compliance
Cyber Security Analyst conducting PCI Compliance assessments at global live entertainment company Live Nation. Assuring effective implementation of security controls aligned with organizational standards.
Cloud Security Engineer
Cloud Security Engineer ensuring cloud infrastructure security at Camping World. Bridging strategic security requirements with technical implementation in a fast-paced environment.
LLM Security Evaluation Expert
LLM Security Evaluation Expert responsible for testing and ensuring the security of AI systems. Focused on adversarial prompt attacks and vulnerability assessments in SilverEdge's AI operations.