Cyber Security Compliance Manager

Job Description:

Job Description: Cyber Security Compliance Leader

Level: Manager

Key Responsibilities

• Lead cross‑functional working sessions to evaluate monitoring, reporting, and control performance across platforms, applications, and security capabilities.

• Drive identification, remediation, and maturity of compliance gaps while increasing visibility into key control areas and strengthening stakeholder accountability.

• Develop and deliver monthly compliance status reports; facilitate leadership reviews to communicate progress, risks, and operational concerns.

• Build and maintain strong relationships across the organization to enhance engagement and advance the cybersecurity compliance program’s overall maturity.

• Manage enterprise‑level communication of compliance performance metrics, trends, and risk insights to senior leadership and key stakeholders.

• Oversee Internal Audit engagement, including operating model management, ongoing audit reviews, remediation tracking, and maintenance of Power BI dashboards.

• Coordinate audits, assessments, and evidence collection activities, ensuring accurate control mappings, validated NIST CSF 2.0 documentation, and timely completion of client assessments, RFPs, third-party questionnaires, and cybersecurity inquiries.

Skills & Attributes for Success

• Ability to communicate and implement compliance process changes clearly and effectively, adapting messaging to the needs of diverse audiences.

• Exceptional written and verbal communication skills, including the ability to prepare concise risk and compliance summaries for senior leadership.

• Demonstrated exceptional organizational skills, with the ability to prioritize competing tasks, maintain meticulous documentation, and manage workflow efficiently in fast-paced environments.

• Proven project management experience, including leading cross-functional initiatives, coordinating timelines and deliverables, and ensuring successful completion of projects within scope and schedule.

• Proven capability to develop and deliver high‑quality executive presentations on global compliance posture, remediation progress, and emerging cybersecurity issues.

• Strong skill in translating complex technical security topics into clear, business‑aligned messages for non‑technical stakeholders.

• Deep knowledge of information security principles, controls, and industry technologies.

• Experience working with cybersecurity frameworks such as NIST CSF, ISO 27001, the NIST 800‑series, SOC reporting standards, and other regulatory or industry requirements.

• Proficiency with tools and platforms such as SharePoint, Power BI, Archer, and other compliance, audit, and risk management systems.

• Advanced analytical skills to interpret performance metrics, identify trends, and collaborate with business partners to drive actionable improvement plans.

• Ability to operate independently, exercise sound judgment, and drive outcomes in a fast‑paced, global, matrixed environment.

• Familiarity with cybersecurity controls across enterprise systems, business applications, and technology platforms.

Education & Experience

• Bachelor’s degree in information security, Computer Science, Information Systems, Cybersecurity, or a related field; equivalent work experience may be considered.

• 5–8 years of experience in cybersecurity, IT risk management, compliance, audit, or related security governance functions.

• Hands-on experience supporting or managing compliance activities aligned to frameworks such as NIST CSF, ISO 27001, NIST 800‑series, GDPR, SOX, SOC, or other regulatory/industry standards.

• Experience working in complex, global, or highly matrixed organizations with cross-functional stakeholders.

• Prior involvement in audit coordination, security assessments, evidence collection, or control testing strongly preferred.

• Professional certifications such as CISSP, CISM, CRISC, CISA, or equivalent are a plus.