IT Risk & Compliance Director
Long Term
Tallahassee
Florida
IT Risk & Compliance Director (Cybersecurity, GRC & Incident Response)
Total Required Experience in Years: 10%2B Years
Mode of Work: Onsite
Seeking an experienced IT Risk & Compliance Director to lead enterprise cybersecurity, governance, risk management, compliance, and information security initiatives. The ideal candidate will possess extensive experience managing cybersecurity programs, security operations, risk assessments, compliance frameworks, incident response, and offensive and defensive security operations within large enterprise environments.
This leadership role will oversee cybersecurity strategy, governance, regulatory compliance, vulnerability management, threat intelligence, and enterprise security operations while collaborating with executive leadership, technical teams, auditors, and business stakeholders.
Lead enterprise cybersecurity, governance, risk, and compliance (GRC) initiatives.
Develop and manage enterprise information security programs.
Oversee cybersecurity risk assessments, compliance reviews, and audit activities.
Direct vulnerability assessments, penetration testing, and threat hunting activities.
Lead incident response, digital forensics, and cybersecurity investigations.
Develop cybersecurity strategies, policies, standards, and governance frameworks.
Ensure compliance with applicable security regulations and industry standards, including CJIS requirements.
Coordinate offensive and defensive security operations, including Red Team and Blue Team activities.
Perform security maturity assessments and develop remediation roadmaps.
Collaborate with business leaders, technical teams, auditors, and managed service providers.
Support enterprise security architecture, governance, and operational improvements.
Prepare executive reports, risk assessments, compliance documentation, and security recommendations.
Provide technical leadership for enterprise cybersecurity initiatives.
Cybersecurity
Information Security
Governance, Risk & Compliance (GRC)
Risk Management
Security Audits
Threat Hunting
Threat Intelligence
Vulnerability Management
Vulnerability Assessments
Penetration Testing
Ethical Hacking
Incident Response
Digital Forensics
Security Operations Center (SOC)
Red Team Operations
Blue Team Operations
Cybersecurity Strategy
Compliance Management
Security Governance
Security Policies
Security Standards
Enterprise Risk Assessment
CJIS Security Policy
Security Remediation
Executive Reporting
Team Leadership
Enterprise Security Operations
Red Team Simulation Exercises
Cybersecurity Maturity Assessments
Cybersecurity Roadmap Development
Managed Service Provider (MSP) Integration
Enterprise Security Architecture
Threat Intelligence Platforms
Security Automation
Security Monitoring
Regulatory Compliance
Bachelor\'s or Master\'s degree in Computer Science, Information Systems, or a related field (or equivalent work experience).
10%2B years of IT and business experience, including leadership in cybersecurity, risk management, compliance, audit, or information security.
Experience providing cybersecurity services for large enterprise environments.
Experience conducting threat hunting, vulnerability assessments, penetration testing, and incident response.
Experience supporting environments governed by CJIS Security Policy.
Strong knowledge of governance, risk management, compliance, and cybersecurity strategy.
Minimum 5%2B years of hands-on cybersecurity experience in threat hunting, penetration testing, vulnerability management, incident response, or digital forensics.
Experience in both offensive security (Red Team/Penetration Testing) and defensive security (SOC/Blue Team/Incident Response).
Strong leadership, communication, analytical, and stakeholder management skills.
CISSP (Certified Information Systems Security Professional)
CISM (Certified Information Security Manager)
CISA (Certified Information Systems Auditor)
CEH (Certified Ethical Hacker)
OSCP (Offensive Security Certified Professional)
GIAC Certification
Enterprise Cybersecurity Strategy
Governance, Risk & Compliance Frameworks
Security Risk Assessments
Vulnerability Assessment Reports
Penetration Testing Reports
Incident Response Plans
Threat Hunting Reports
Compliance Documentation
Security Policies & Standards
Audit Support
Cybersecurity Roadmaps
Executive Security Dashboards
Remediation Plans
Security Operations Oversight
Bachelor\'s or Master\'s degree in Computer Science, Information Systems, Cybersecurity, or a related field (equivalent work experience may be substituted).