Lead Cybersecurity Engineer - Compliance

Job Description

Lead Cybersecurity Engineer - Compliance
Full-Time | Hybrid (3 Days Onsite Weekly) | U.S. Citizens Only

Overview
A leading U.S.-based organization is seeking a Lead Cybersecurity Engineer - Compliance to support enterprise-wide cybersecurity initiatives and ensure regulatory readiness. This individual will play a critical role in guiding teams through complex compliance frameworks such as CMMC, NIST, DFARS, and ISO, translating regulatory mandates into actionable, risk-based technical controls.

This is a direct-hire opportunity for an experienced cybersecurity professional who thrives at the intersection of compliance, technology, and business strategy. The role offers hybrid flexibility with onsite requirements at a corporate location in the Upper Midwest and occasional travel if based elsewhere.

Responsibilities

  • Lead or participate in cybersecurity compliance assessments and audits (e.g., CMMC, ISO, NIST 800-171).

  • Translate complex cybersecurity regulations and frameworks into technical system-level controls and guidance.

  • Assess compliance gaps and develop remediation plans across multiple functional and technical domains.

  • Serve as a subject matter expert and advisor to business stakeholders and IT teams on cybersecurity policy alignment and control implementation.

  • Collaborate with internal departments (Finance, HR, Engineering, Infrastructure, Applications) to ensure compliance with federal and industry standards.

  • Support the development of compliance strategies tailored to diverse business environments.

  • Draft and maintain cybersecurity policies, procedures, and standards aligned with frameworks such as NIST, PCI DSS, SOC 2, ISO 27001, DFARS, and HIPAA.

  • Communicate technical risk and compliance posture to both technical and non-technical audiences.

  • Contribute to the overall cybersecurity strategy and maturity of the organization, helping to drive innovation and continuous improvement.

Required Skills

  • Strong technical foundation with the ability to map regulatory requirements to system configurations and controls.

  • Hands-on experience with regulatory compliance and cybersecurity standards (CMMC, NIST, DFARS, etc.).

  • Experience conducting or leading IT audits and security assessments.

  • Ability to translate complex technical language for business stakeholders.

  • Proficient in writing and evaluating cybersecurity documentation, reports, and gap analyses.

  • Familiarity with security controls for networks, applications, and infrastructure systems.

Preferred Qualifications

  • Advanced degree in Cybersecurity, Information Systems, or related field.

  • Relevant certifications such as CISSP, CISM, CEH, GIAC, Security+, or SSAP.

  • Experience working in regulated industries, including defense, government, or critical infrastructure.

  • Practical experience in infrastructure, cloud, or secure application development environments.

  • Ability to obtain or currently hold a U.S. Government Secret-level security clearance.

  • Experience supporting enterprise policy development and testing cybersecurity control effectiveness.

  • Background in cross-functional collaboration and multi-site organizational compliance.

Work Model & Travel
This role follows a hybrid model with three days onsite per week at a corporate location in the Upper Midwest.
Candidates located in other regional hubs such as South-Central Pennsylvania, Western Maryland, or Central Florida may also be considered, but will be required to travel to the main office approximately four times per year.

How to Apply
Interested candidates should submit a resume for confidential consideration. Qualified applicants will be contacted to discuss next steps and interview logistics.

Location: Oshkosh
Job Type: Full-Time
Category: Technology
