3M

Cyber Compliance Oversight Manager

full-time

Location Type: Hybrid

Location: Maplewood, Minnesota, Texas, United States

Salary

💰 $164,612 - $201,193 per year

About the role

  • Overseeing the managed services relationship responsible for cybersecurity compliance operations, ensuring delivery quality across all services.
  • Reviewing and approving MSP outputs, including obligations updates, unified control framework changes, control assessment results, monitoring outcomes, and compliance reports.
  • Monitoring MSP performance against SLAs and KPIs, ensuring consistent adherence to scope, quality expectations, and timelines.
  • Conducting regular service delivery reviews and providing direction to drive continuous improvement in compliance operations.
  • Partnering with the MSP to assess regulatory changes, evaluate applicability, and ensure updates to compliance obligations and common controls are accurate and timely.
  • Collaborating with the MSP on planning and execution of risk‑based control assessments, executing reviews of control design and operating effectiveness, and validating remediation plans for identified gaps.
  • Overseeing ongoing compliance monitoring results, ensuring timely follow‑up and escalation of potential issues or trends.
  • Supporting readiness assessments for compliance initiatives by reviewing gap analyses, maturity evaluations, and required enhancements.
  • Serving as the escalation and coordination point with Internal Audit, ensuring adequate evidence preparation, timely responses, and alignment with control and regulatory expectations.
  • Working with leadership to present monthly compliance metrics and insights through dashboards and executive reporting provided by the MSP.

Requirements

  • Bachelor’s degree in Cybersecurity, Information Technology, Management, or a technology field (completed and verified prior to start)
  • Five (5) years of experience in a cyber compliance operations role in a private, public, government or military environment
  • Deep understanding of cybersecurity principles, practices, regulatory obligations, and common control frameworks.
  • Familiarity with relevant regulatory requirements and industry standards such as ISO 27001, NIST CSF, SOX, PCI, CMMC, TISAX, SWIFT, and other cyber compliance obligations.
  • Experience managing compliance programs, including control framework governance, regulatory change management, and compliance monitoring.
  • Proven experience conducting or overseeing control assessments, evaluating design and operating effectiveness, and interpreting control test evidence.
  • Commitment to staying current with emerging regulations, compliance expectations, and best practices, and continuously improving compliance processes.
  • CISSP certification or a certification such as CISA, CISM, or ISO 27001 Lead Auditor

Benefits

  • Medical, Dental & Vision
  • Health Savings Accounts
  • Health Care & Dependent Care Flexible Spending Accounts
  • Disability Benefits
  • Life Insurance
  • Voluntary Benefits
  • Paid Absences
  • Retirement Benefits

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

cybersecurity compliance operations, control assessments, regulatory change management, compliance monitoring, control framework governance, gap analyses, maturity evaluations, remediation plans, SLA management, KPI monitoring

Soft Skills

leadership, collaboration, communication, direction providing, continuous improvement, problem-solving, escalation management, reporting, presentation skills, interpersonal skills

Certifications

CISSP, CISA, CISM, ISO 27001 Lead Auditor