Cybersecurity Compliance Lead - Remote - FS437
At Fresche Solutions, we offer great work-life balance with flexible hours. You can work anywhere in the United States… either from your home or in one of our offices… the decision is up to you.

WHY JOIN FRESCHE?

We believe in leading our industry, we believe in innovation, we believe in delighting our customers, guaranteeing their success, and ensuring that 100% of our customers are referenceable.

Our distinct company culture makes us a top employer, as well as a premier choice for our customers for the last eleven (11) consecutive years. We work hard to ensure that our values permeate the company and are reflected in everything we do. Whether it be in setting priorities, defining ideas, or carrying out processes, we are committed to ensuring that our values are manifested at all levels of our organization.

Role Summary

The Cybersecurity Compliance Lead serves as the senior security and compliance professional responsible for leading the organization’s cybersecurity compliance program and driving strategic initiatives to mature the overall security posture. This role combines hands-on cybersecurity administration with program leadership and team-building responsibilities, transitioning from primary execution of security and compliance tasks to broader strategic oversight.
The position is also responsible for scaling security and compliance functions across the company, developing and mentoring the cybersecurity team, coordinating cross-functional initiatives, and positioning the organization for sustainable future growth through scalable processes and a strong security culture.

In your day-to-day you will be responsible for

- Lead the cybersecurity compliance program, combining hands-on operations with program leadership responsibilities
- Develop and mentor cybersecurity team members, including direct supervision, goal-setting, and professional development of junior analysts
- Lead development and execution of cybersecurity compliance strategies and solutions
- Drive organizational security program maturity through metrics development and process improvement
- Maintain compliance frameworks and attestations, including NIST CSF, ISO 27001, and SOC 2 Type II
- Provide strategic guidance to vulnerability management programs and security initiatives
- Conduct and oversee audits and assessments of systems, policies, and practices
- Develop and implement solutions to improve security compliance posture and performance
- Lead internal and external audit processes for cloud division operations
- Manage BIA, BCDR/IR planning, testing, and vendor risk management programs
- Serve as primary liaison with management, auditors, clients, and business partners
- Present compliance status and strategic recommendations to executive leadership
- Coordinate cross-functional teams to support security initiatives
- Manage client assurance programs and security questionnaire responses
- Research and maintain expertise in evolving security laws, regulations, and best practices
- Advise on security awareness training program on security compliance requirements
- Provide guidance on compliance decisions and risk acceptance recommendations
- Develop and maintain risk management strategy, policies, and procedures
- Ensure alignment between security compliance activities and enterprise risk management
- Continuously introduce positive changes and promote adoption of best practices to enhance security program effectiveness
- Foster a culture of security awareness and compliance throughout the organization

What you must have

- Bachelor’s degree in Computer Science, Information Systems, Cybersecurity, or a related field
- Professional certification in security or compliance domains, such as CISSP, CISA, CISM, or CRISC
- 3 years of experience in security or compliance roles, preferably in a similar industry or sector
- Experience in auditing Managed Service Providers (MSPs) and multi-tenant environments is essential
- Experience differentiating between in scope and out of scope, with a line of demarcation between corporate networks, service networks, and customer cloud networks, typically in an MSP context
- Experience managing audits when only part of the corporate network and Active Directory are in scope
- Ideal candidate will have technical experience with networks, Active Directory, perimeter security, systems, storage backup, disaster recovery, and virtual private networking
- Proficient in security and compliance frameworks and standards, such as NIST 800-53, ISO 27001, PCI DSS, SOC 2, or HIPAA
- Self-motivated, with the ability to adapt to change
- Excellent communication, writing, and presentation skills
- Ability to communicate effectively with different audiences and levels of authority
- Interpersonal skills to influence and spur change
- Strong analytical, problem-solving, and decision-making skills
- Ability to manage client expectations
- Excellent planning and organization skills
- Ability to work independently and collaboratively in a fast-paced and dynamic environment
- Energetic, professional, enthusiastic, and positive attitude
- Strong work ethic, high integrity, and commitment to success

Hiring, leading, and mentoring

- Contribute to interview and hiring process as needed
- Lead by example and have a strong ability to inspire and motivate people to success
- Collaborate with other teams and lead initiatives to successful outcomes
- Foster a spirit of teamwork and unity

Working conditions

- Travel as required

We are proud to be an equal opportunity employer and are committed to fostering a diverse and inclusive workplace. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

WHAT’S IT LIKE TO WORK AT FRESCHE?

Visit our Website and Apply Today: https://freschesolutions.com/careers/

FOLLOW US ON:
LinkedIn: https://www.linkedin.com/company/fresche-solutions