Head Of Risk And Compliance (Cybersecurity)

TL;DR

Head of Risk and Compliance (Cybersecurity): Building and leading the global risk and compliance management function, ensuring security, compliance, and business resilience are embedded into operations. Focus on operational, cybersecurity, and compliance risks mitigation, managing compliance frameworks like ISO, Common Criteria, FedRamp, SOCII, GDPR, and leading third-party and vendor risk management programs.

Location: Hybrid in either Dallas, TX or Hoboken, NJ. Candidates who reside within 45 miles of one of our offices will follow our hybrid work model. This includes working onsite three days per week and remotely the remaining days.

Company

hirify.global is a cybersecurity company with a mission to be a Force for Good.

What you will do

• Develop and lead the company-wide risk and compliance management strategy, policies, and framework aligned with organizational objectives and regulatory standards.
• Collaborate with different stakeholders to identify, assess, and mitigate operational, cybersecurity, and compliance risks.
• Own and evolve the company’s risk register, metrics, and reporting cadence, providing transparent insights to the CISO, senior leadership, and board committees.
• Manage and lead the company’s compliance frameworks including ISO, Common Criteria, FedRamp, SOCII, GDPR, and more.
• Lead third-party and vendor risk management programs, ensuring supply chain resilience and adherence to company security requirements.
• Quarterback compliance efforts, testing and auditing.

Requirements

• 7+ years of experience in enterprise risk management, cybersecurity, or information assurance, with at least 5 years in leadership capacity.
• Strong understanding of cybersecurity frameworks, operational risk, business continuity, and compliance programs.
• Proven experience working within or alongside a CISO organization in a fast-paced technology or cybersecurity environment.
• Expertise in quantitative and qualitative risk analysis, reporting, and executive communication.
• Familiarity with standards and regulations such as NIST, ISO 27001, SOC 2, GDPR, DORA, and NIS2.
• Excellent relationship-building and influencing skills, capable of engaging stakeholders across technical and business domains.

Nice to have

• Relevant certifications preferred: CRISC, CISSP, CISM, CISA, ISO 27005 Risk Manager, or equivalent.

Culture & Benefits

• Be part of a global team on the front lines of cybersecurity innovation.
• hirify.global celebrates curiosity, integrity, and people who take initiative.
• Healthy balance between work and life.