Cyber Security Compliance Manager

COMPANY OVERVIEW

ThreatLocker® is a leader in endpoint protection technologies, providing enterprise-level cybersecurity tools to improve the security of servers and endpoints. The ThreatLocker® platform with Application Allowlisting, Ringfencing™, Storage Control, Elevation Control, Endpoint Network Control, Configuration Management, and Operational Alert solutions are leading the cybersecurity market toward a more secure approach of blocking the exploits of application vulnerabilities.

POSITION OVERVIEW

The Cyber Security Compliance Manager is responsible for developing, maintaining, and continuously improving ThreatLocker’s compliance and governance programs across multiple frameworks and regions. This role ensures that organizational and product-level objectives align with regulatory, customer, and industry requirements such as SOC 2 Type II, FedRAMP, NIST 800-171, and ISO 27001. 

This position combines strategic planning with hands-on execution — ideal for a highly organized, technically fluent, and compliance-driven professional who thrives in a fast-paced environment. 

JOB OVERVIEW

• Develop and implement organizational compliance strategies that align with company objectives. 

• Design, monitor, and enhance control systems to detect and prevent violations of legal rules and internal policies. 

• Collaborate with leadership to advance ThreatLocker’s corporate governance and compliance maturity. 

• Align documentation, processes, and controls with frameworks including SOC 2 Type II, FedRAMP, NIST 800-171, ISO 27001, and other emerging standards. 

• Own and lead external audit engagements, including evidence collection, gap remediation, and continuous improvement tracking. 

• Oversee the development, review, and management of corporate compliance and information security policies. 

• Identify, assess, and mitigate organizational and product risks through collaboration with technical and operational teams. 

• Conduct internal compliance audits and risk assessments to verify adherence to internal and external standards. 

• Manage vendor and supply chain compliance processes, including due diligence and ongoing risk monitoring. 

• Develop and deliver staff compliance training and awareness programs. 

• Establish compliance metrics and KPIs; report posture and audit readiness to senior leadership. 

• Support compliance components of product specifications, liaise with customers and auditors, and provide documentation during due diligence or RFP processes. 

• Minimize legal and regulatory risks by staying current with legislation and recommending procedural updates. 

• Work closely with the Sales team to support RFQs, RFPs, and customer due diligence requests by providing timely and accurate compliance documentation. 

• Other duties as assigned.

REQUIRED QUALIFICATIONS

• Minimum 6 years of experience in corporate compliance, cybersecurity governance, or risk management. 

• Bachelor’s degree in Management Information Systems (MIS), Computer Science (CS), or a related field (Master’s preferred). 

• Proven success managing SOC 2, FedRAMP, or NIST 800-171 programs. 

• Deep understanding of IT and security controls across cloud, network, and endpoint environments. 

• Exceptional organizational skills with a strong ability to manage multiple projects under tight deadlines. 

• Clear and concise communicator, capable of interfacing effectively with executives, engineers, and auditors. 

• Proven negotiation, documentation, and analytical skills with acute attention to detail. 

• Self-motivated, resourceful, and adaptable in a fast-moving, high-accountability culture. 

• Excellent written communication and presentation skills. 

PREFERRED QUALIFICATIONS

• Certifications such as CISA, CISM, CISSP, CRISC, or ISO 27001 Lead Implementer/Auditor. 

• Experience with FedRAMP Moderate or High Baseline and working knowledge of SSPs, POA&Ms, and continuous monitoring. 

• Familiarity with cloud platforms (Azure, AWS, GCP) and their compliance ecosystems. 

• Prior experience working in a cybersecurity, SaaS, or technology company. 

• Demonstrated ability to translate technical security requirements into actionable compliance controls. 

TEAM FIT

At ThreatLocker®, we move fast and expect our compliance leaders to balance regulatory precision with practical execution. The ideal candidate thrives in a high-growth environment where ownership, accountability, and collaboration are key. 

WORKING CONDITIONS

The duties described below are representative of those encountered while performing the essential functions of this position. If necessary, reasonable accommodation may be requested and will be evaluated for its relationship to the essential functions that must be performed.

• Job will generally be performed in an office environment but may require travel to visit company offices and/or property locations.
• While performing duties of this job, would occasionally require to stand, walk, sit, reach with hands and arms, climb or balance, stoop or kneel, talk and hear, and use fingers and hands to feel objects and tools.
• Must occasionally lift and/or move up to 25 pounds.
• Specific vision abilities required include close vision, distance vision, depth perceptions, and the ability to adjust focus

A background check and drug/substance screening are required after a conditional offer. Employment will proceed only upon receiving clear results from both.

ThreatLocker also conducts randomized drug and substance testing approximately every 60 days, in line with the same screening standards.