Manager Security Compliance and Risk Management
Manager, Security – Security Compliance & Risk Management
Function: Information Security / Compliance & Risk
Location: [Raleigh / Hybrid]
About the Role
The Manager, Security – Security Compliance & Risk Management is responsible for leading the Security Compliance and Risk Management function within the Information Security organization. This role owns the frameworks, processes, and programs that provide structured oversight of technology and security risk across the company. This manager serves as a critical bridge between the security program and the business — translating risk into actionable insight for executives, boards, auditors, regulators, and customers.
This is a people manager role overseeing a team of security engineers responsible for the day-to-day operationalization of audit, compliance, control, and FedRAMP Continuous Monitoring activities. The right candidate is both a capable program builder and an engaged people leader who can develop talent, allocate work effectively, and drive consistent execution across the team.
Core Responsibilities
People Leadership
Manage, mentor, and develop a team of security engineers
Set clear priorities, delegate work effectively, and maintain team capacity across concurrent audit, compliance, and ConMon activities
Foster a culture of quality, accountability, and continuous improvement within the team
Risk Management
Own and operate the enterprise technology and security risk register, including risk identification, scoring, tracking, and reporting
Lead the risk exception and risk acceptance process, ensuring appropriate documentation, approvals, and periodic review
Drive identification, escalation, and resolution of cybersecurity risks and issues across the organization
Serve as a trusted advisor to business and technology stakeholders on compliance and risk matters
Provide risk-based reporting to support executive and board-level decision-making on the state of the security program
Compliance & Control Governance
Oversee enterprise control management activities, including control design, testing, effectiveness tracking, issue management, and remediation
Map controls to applicable frameworks including NIST CSF, ISO 27001, SOC 2, and other relevant technology-sector obligations
Support and maintain cybersecurity compliance certifications and initiatives (e.g., ISO 27001, SOC 2, Cyber Essentials)
Perform regulatory horizon scanning to identify emerging compliance requirements and assess organizational impact
Coordinate and monitor recurring security and compliance assessments, including internal reviews, control self-assessments, and gap analyses
Develop and maintain metrics that measure organizational adherence to security policies, and report findings to leadership with recommendations for remediation where gaps exist
Audit & Assurance Operationalization
Oversee the team’s end-to-end execution of audit engagements, ensuring the audit calendar, evidence collection, issue tracking, and management responses are completed accurately and on time
Serve as the primary interface for internal audit, external auditors, regulators, and customer assurance reviews, directing team members on their respective workstreams
Ensure cross-functional coordination is in place so that business and technical stakeholders are audit-ready and delivering evidence on time
Oversee the maintenance and integrity of the assurance evidence library to support efficient, repeatable, and high-quality audit response across all engagements
FedRAMP Continuous Monitoring
Provide oversight and direction for the FedRAMP Continuous Monitoring program, ensuring all ConMon obligations are met in accordance with FedRAMP requirements
Oversee the team’s execution of recurring ConMon activities, ensuring deliverables are accurate, timely, and aligned with agency expectations
Ensure findings and remediation activities are tracked and managed to resolution within required timeframes
Serve as an escalation point for ConMon-related issues and interface with relevant stakeholders on program status and risk
We know your well-being and happiness are key to a long and successful career. We are delighted to offer country specific benefits. Click here to access benefits specific to your location.
We are committed to providing a fair and accessible hiring process. If you have a disability or other need that requires accommodation or adjustment, please let us know by completing our Applicant Request Support Form or please contact 1-855-833-5120.
Criminals may pose as recruiters asking for money or personal information. We never request money or banking details from job applicants. Learn more about spotting and avoiding scams here.
Please read our Candidate Privacy Policy.
We are an equal opportunity employer: qualified applicants are considered for and treated during employment without regard to race, color, creed, religion, sex, national origin, citizenship status, disability status, protected veteran status, age, marital status, sexual orientation, gender identity, genetic information, or any other characteristic protected by law.
USA Job Seekers: