Director, Cybersecurity Compliance
Company: Dataprise Inc
Location: Rockville
Posted on: June 1, 2025
Job Description:
About the Role:
The Director of Cybersecurity Compliance will
lead the internal compliance efforts for Dataprise, ensuring
adherence to all relevant federal, state, and industry regulations.
This individual will be responsible for implementing, managing, and
continuously improving the company's internal compliance program.
The role will oversee risk assessments, lead risk management
initiatives, develop and track Plans of Action and Milestones
(POAMs), and ensure progress on all compliance and internal
security initiatives. The Director of Cybersecurity Compliance will
work closely with leadership teams and IT, security, legal, and
other operational technology pillars to align compliance efforts
with business objectives. This is a hands-on role where you must be
able to build the security program from the ground up.

What You'll Do:

Regulatory Compliance & Governance:
- Develop, implement, and maintain a comprehensive internal
compliance program aligned with regulatory, federal, state, and
industry regulations (e.g., CMMC/NIST 800-171, HIPAA, SOC 2, GDPR,
ISO27001, etc.).
- Ensure company policies and procedures reflect compliance
requirements and are updated as necessary to address regulatory
changes.
- Serve as the subject matter expert (SME) on compliance
requirements applicable to Managed Service Providers (MSPs).
- Oversee compliance audits and assessments to verify adherence
to established policies and regulatory standards.
- Act as the primary liaison with regulatory agencies, auditors,
and external assessors.

Risk Management & Assessments:
- Conduct and oversee enterprise-wide risk assessments to
identify and mitigate compliance and security risks.
- Lead the development and implementation of risk management
frameworks and strategies to address identified
vulnerabilities.
- Collaborate with cross-functional teams to assess and enhance
internal security controls.

POA&M Development & Compliance Tracking:
- Develop, maintain, and track Plans of Action and Milestones
(POA&Ms) to address compliance gaps and remediation
efforts.
- Monitor and report on the progress of compliance initiatives
and remediation plans to executive leadership.
- Establish and manage compliance KPIs and reporting mechanisms
to measure the effectiveness of internal compliance efforts.

Policy & Procedure Development:
- Develop, review, and update internal compliance policies,
procedures, and documentation to align with best practices and
regulatory requirements.
- Ensure company-wide awareness and understanding of compliance
obligations through training and guidance.
- Work with HR and leadership teams to develop training programs
that promote a culture of compliance.

Collaboration & Leadership:
- Partner with Internal IT, cybersecurity, legal, and business
tech pillars to ensure compliance efforts align with overall
business strategy.
- Lead cross-functional teams in implementing compliance-related
projects and initiatives.
- Provide compliance advisory support to internal stakeholders
and ensure business processes align with compliance
requirements.
- Other duties as assigned.

What Skills & Experience You'll Need:
- Bachelor's degree in Compliance, Business Administration,
Cybersecurity, Law, or a related field (Master's degree
preferred).
- Must have previous experience leading multi-framework
compliance functions or teams within large and/or complex
environments.
- Must have previous experience building a compliance program for
an enterprise.
- 7+ years of experience in information security compliance,
enterprise compliance, risk management, or governance roles,
preferably within an MSP or IT services environment.
- Strong knowledge of regulatory, federal and state compliance
frameworks, including PCI, CMMC, NIST, HIPAA, SOC 2, GDPR, DoDI, or
DoDD.
- Experience conducting risk assessments and managing risk
mitigation efforts.
- Proven ability to develop, implement, and track compliance
programs and POAMs.
- Excellent leadership and project management skills with the
ability to drive initiatives forward.
- Strong analytical and problem-solving skills with attention to
detail.
- Effective communication and interpersonal skills to engage with
stakeholders across all levels of the organization.
- Industry certifications such as CISA, CCP, CISM, CRISC, CISSP,
or similar are a plus.

Dataprise Diversity Commitment:
At Dataprise,
we celebrate what makes us unique: our people. We believe in
fostering a diverse and inclusive work environment that seeks and
embraces thoughts and ideas from all different backgrounds. We
welcome everyone and are committed to providing equal employment
opportunity regardless of race, gender, religion, ethnicity,
disability, national origin or sexual orientation. We are
#DataprisePROUD!

Dataprise is an Equal Opportunity Employer.
Keywords: Dataprise Inc, Silver Spring, Director, Cybersecurity Compliance, Executive, Rockville, Maryland