What are the responsibilities and job description for the Cybersecurity Regulatory and Compliance Lead position at Bounteous?
Position: Cybersecurity Regulatory and Compliance Lead
Start Date: Remote Contract, Immediate
Minimum Term: 12 months, renewable
Job Summary:
The Cybersecurity Regulatory and Compliance Lead will be responsible for facilitating compliance with our global regulations, including developing, implementing, and managing the organization’s Cybersecurity compliance programs. This role involves ensuring adherence to relevant laws, regulations, and standards, conducting risk assessments, and providing guidance on best practices to mitigate security risks.
Key Responsibilities:
• Develop and maintain comprehensive Cybersecurity regulatory and compliance programs.
• Monitor and interpret regulatory requirements and industry standards.
• Stay updated on the latest Cybersecurity regulatory and compliance changes.
• Manage all regulatory, compliance and client commitments in a single view.
• Conduct regular risk assessments and audits to ensure compliance to regulations.
• Identify compliance gaps and develop roadmaps to achieve compliance to regulations.
• Collaborate with internal teams to implement security controls and policies.
• Provide expertise on international regulatory frameworks such as NY DFS and DORA
• Maintain documentation and reporting related to regulatory and compliance.
• Liaise with external auditors, regulatory agencies and client requests as needed.
• Ensure compliance with global regulations, including DORA (Digital Operational Resilience Act), BaFin (German Federal Financial Supervisory Authority), and NY DFS (New York Department of Financial services.
Qualifications:
• Minimum of 10 years of experience in Cybersecurity compliance and regulatory roles.
• In-depth knowledge of relevant laws, regulations, and standards (e.g., GDPR).
• Experience with global regulatory frameworks, including DORA, BaFin, and NY DFS.
• Strong analytical and problem-solving skills.
• Excellent communication and interpersonal skills.
• Ability to work independently and as part of a team.
• Detail-oriented with strong organizational skills.
Preferred Qualifications:
• Master’s degree in Cybersecurity or a related field preferred.
• Experience with security frameworks such as NIST, CRI or COBIT.
• Familiarity with cloud security and emerging technologies.
• Development background.
Education:
• Bachelor’s degree in Cybersecurity, Information Technology, or a related field.
• Professional certifications such as CISSP, CISM, CRISC, or equivalent.
