Cybersecurity Compliance Lead - Remote - FS437

At Fresche Solutions, we offer great work-life balance with flexible hours. You can work anywhere in United States… either from your home or in one of our offices… the decision is up to you.  

WHY JOIN FRESCHE? We believe in leading our industry, we believe in innovation, we believe in delighting our customers, guaranteeing their success, and ensuring that 100% of our customers are referenceable.

Our distinct company culture makes us a top employer, as well a premiere choice for our customers for the last eleven (11) consecutive years. We work hard to ensure that our values permeate the company and are reflected in everything we do. Whether it be in setting priorities, defining ideas, or carrying out processes, we are committed to ensuring that our values are manifested at all levels of our organization.

Role Summary

The Cybersecurity Compliance Lead serves as the senior security and compliance professional responsible for leading the organization’s cybersecurity compliance program and driving strategic initiatives to mature the overall security posture. This role combines hands-on cybersecurity administration with program leadership and team-building responsibilities, transitioning from primary execution of security and compliance tasks to broader strategic oversight. The position is also responsible for scaling security and compliance functions across the company, developing and mentoring the cybersecurity team, coordinating cross-functional initiatives, and positioning the organization for sustainable future growth through scalable processes and a strong security culture.

In your day-to-day you will be responsible for

• Lead the cybersecurity compliance program, combining hands-on operations with program leadership responsibilities
  
• Develop and mentor cybersecurity team members, including direct supervision, goal-setting, and professional development of junior analysts
  
• Lead development and execution of cybersecurity compliance strategies and solutions
  
• Drive organizational security program maturity through metrics development and process improvement
  
• Maintain compliance frameworks and attestations, including NIST CSF, ISO 27001, and SOC 2 Type II
  
• Provide strategic guidance to vulnerability management programs and security initiatives
• Conduct and oversee audits and assessments of systems, policies, and practices
  
• Develop and implement solutions to improve security compliance posture and performance
  
• Lead internal and external audit processes for cloud division operations
  
• Manage BIA, BCDR/IR planning, testing, and vendor risk management programs
  
• Serve as primary liaison with management, auditors, clients, and business partners
  
• Present compliance status and strategic recommendations to executive leadership
  
• Coordinate cross-functional teams to support security initiatives
  
• Manage client assurance programs and security questionnaire responses
  
• Research and maintain expertise in evolving security laws, regulations, and best practices
  
• Advise on security awareness training program on security compliance requirements
  
• Provide guidance on compliance decisions and risk acceptance recommendations
  
• Develop and maintain risk management strategy, policies, and procedures
  
• Ensure alignment between security compliance activities and enterprise risk management
  
• Continuously introduce positive changes and promote adoption of best practices to enhance security program effectiveness
  
• Foster a culture of security awareness and compliance throughout the organization

What you must have

• Bachelor’s degree in Computer Science, Information Systems, Cybersecurity, or a related field
• Professional certification in security or compliance domains, such as CISSP, CISA, CISM, or CRISC
• 3 years of experience in security or compliance roles, preferably in a similar industry or sector
• Experience in auditing Managed Service Providers (MSPs) and multi-tenant environments is essential
• Experience differentiating between in scope and out of scope and a line of demarcation between corporate networks, service networks, and customer cloud network, typically in an MSP context
• Experience managing audit when only part of the corporate network and Active Directory are in scope
• Ideal candidate will have technical experience with networks, Active Directory, perimeter security, systems, storage backup, disaster recovery, and virtual private networking
• Proficient in security and compliance frameworks and standards, such as NIST 800-53, ISO 27001, PCI DSS, SOC 2, or HIPAA
• Self-motivated, with the ability to adapt to change
• Excellent communication, writing, and presentation skills
• Ability to communicate effectively with different audiences and levels of authority
  
• Interpersonal skills to influence and spur change
  
• Strong analytical, problem-solving, and decision-making skills
  
• Ability to manage client expectations
• Excellent planning and organization skills
• Ability to work independently and collaboratively in a fast-paced and dynamic environment
• Energetic, professional, enthusiastic, and positive attitude
• Strong work ethic, high integrity, and commitment to success
• Hiring, leading, and mentoring
• Contribute to interview and hiring process as needed
• Lead by example and have a strong ability to inspire and motivate people to success
• Collaborate with other teams and lead initiatives to successful outcomes
• Foster a spirit of teamwork and unity
  

Working conditions

• Travel as required

We are proud to be an equal opportunity employer and are committed to fostering a diverse and inclusive workplace. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

WHAT’S IT LIKE TO WORK AT FRESCHE? 

Visit our Website and Apply Today: https://freschesolutions.com/careers/

FOLLOW US ON:  LinkedIn: https://www.linkedin.com/company/fresche-solutions

#LI-Remote