About the Role
Title: Cyber Security Compliance Lead
Job Description:
Position Details:
Term: 12 month contract – possible contract-to-hire
Location: 100% remote
Hours: Mon-Friday standard business hours
Hourly pay + benefits.
Our P&C insurance client is seeking a highly skilled Cybersecurity Regulatory and Compliance Lead to join the IT Security Governance, Risk, and Compliance (GRC) team and ensure operations meet global regulatory requirements. The candidate must have a strong background in global cyber regulations, compliance, and technology, and must be highly adaptive. The candidate must be highly collaborative, organized, and analytical, and is expected to partner effectively and influence IT management and business stakeholders.
Job Summary:
The Cybersecurity Regulatory and Compliance Lead will be responsible for facilitating compliance with our global regulations, including developing, implementing, and managing the organization’s Cybersecurity compliance programs. This role involves ensuring adherence to relevant laws, regulations, and standards, conducting risk assessments, and providing guidance on best practices to mitigate security risks.
What you’ll do as the Cyber Security Compliance Lead
The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
• Develop and maintain comprehensive Cybersecurity regulatory and compliance programs.
• Monitor and interpret regulatory requirements and industry standards.
• Stay updated on the latest Cybersecurity regulatory and compliance changes.
• Manage all regulatory, compliance and client commitments in a single view.
• Conduct regular risk assessments and audits to ensure compliance to regulations.
• Identify compliance gaps and develop roadmaps to achieve compliance to regulations.
• Collaborate with internal teams to implement security controls and policies.
• Provide expertise on international regulatory frameworks such as NY DFS and DORA
• Maintain documentation and reporting related to regulatory and compliance.
• Liaise with external auditors, regulatory agencies and client requests as needed.
• Ensure compliance with global regulations, including DORA (Digital Operational Resilience Act), BaFin (German Federal Financial Supervisory Authority), and NY DFS (New York Department of Financial Services).
What you’ll bring to the table:
• Minimum of 10 years of experience in Cybersecurity compliance and regulatory roles.
• In-depth knowledge of relevant laws, regulations, and standards (e.g., GDPR).
• Experience with global regulatory frameworks, including DORA, BaFin, and NY DFS.
• Strong analytical and problem-solving skills.
• Excellent communication and interpersonal skills.
• Ability to work independently and as part of a team.
• Detail-oriented with strong organizational skills.
Preferred Qualifications:
• Master’s degree in Cybersecurity or a related field preferred.
• Experience with security frameworks such as NIST, CRI or COBIT.
• Familiarity with cloud security and emerging technologies.
• Development background.
Education:
• Bachelor’s degree in Cybersecurity, Information Technology, or a related field.
• Professional certifications such as CISSP, CISM, CRISC, or equivalent.