TL;DR
Director, Information Security Audit & Compliance (Cybersecurity): Leading and scaling a global audit and compliance practice to ensure the information security program is governed through a consistent framework aligned to NIST CSF and NIST 800-53. Focus on establishing global delivery centers, managing audits, and translating technical requirements into business-aligned commitments.
Location: Consistent with the firm’s hybrid work model, this position will require in-person attendance at least two days per week, either at a GT office or client site.
Salary: The base salary range for this position in the firm’s Chicago, IL, Downers Grove, IL, Cleveland, OH, Minneapolis, MN, Reno, NV, Denver, CO and Baltimore, MD offices only is between $172,000 and $258,000 per year. The base salary range for this position in the firm’s Washington, DC, Boston, MA, Bellevue, WA, Los Angeles, CA, Newport Beach, CA, San Diego, CA, Edison, NJ, New York, NY, and Melville, NY offices only is between $185,760 and $278,640 per year. The base salary range for this position in the firm’s San Francisco, CA and San Jose, CA offices only is between $197,800 and $296,700 per year.
Company
hirify.global delivers professional services through two specialized entities: hirify.global LLP, a licensed, certified public accounting (CPA) firm that provides audit and assurance services, and hirify.global Advisors LLC, which exclusively provides non-attest offerings, including tax and advisory services.
What you will do
- Define and lead the global information security audit and compliance strategy across the enterprise.
- Establish and scale global delivery centers to support audits, evidence management, and continuous compliance operations.
- Lead enterprise-wide audits and assessments including ISO 27001, NIST, HIPAA, and client-specific security audits.
- Align the information security governance program to NIST Cybersecurity Framework (CSF) and NIST 800-53.
- Establish processes for continuous control monitoring, internal testing, and readiness assessments.
- Build, lead, and mentor a globally distributed team of audit and compliance professionals.
Requirements
- 12+ years of experience in information security, audit, or compliance, with 5+ years in senior leadership roles.
- Deep hands-on experience leading ISO 27001, 27701, 27017, NIST, HIPAA, and client-driven security audits.
- Strong expertise in NIST CSF and NIST 800-53 governance, control design, and assessment.
- Proven experience building or scaling global audit and compliance delivery models.
- Strong understanding of information security controls, risk management, and regulatory expectations.
- Excellent communication skills with the ability to engage executives, auditors, and clients.
Nice to have
- Experience operating in global, highly regulated environments.
- Familiarity with SOC 1 / SOC 2, cloud compliance, and third-party risk assessments.
- Experience implementing GRC tooling to support audit and compliance workflows.
- Professional certifications such as CISSP, CISA, CRISC, CISM, ISO 27001 Lead Auditor, or equivalent.
Culture & Benefits
- Consistent with the firm’s hybrid work model, this position will require in-person attendance at least two days per week, either at a GT office or client site.
- Prioritize your overall well-being through work-life integration options that work best for you.
- Support you with personalized and comprehensive benefits that recognize and empower all the identities, roles and aspirations that make you.
- Committed to doing more than checking boxes for diversity, equity & inclusion.