Haystack
← Back to Jobs
Other

IT Risk & Compliance Director

Defined Software DevelopmentTallahassee, FL🇺🇸United StatesPosted 16 Jul 2026

Quick Overview

Work Type
On Site
Level
Leader

Job Description

IT Risk & Compliance Director

Location: Tallahassee, FL (Onsite)
Job Type: Contract
Experience Level: Advanced

Job Summary

We are seeking an experienced IT Risk & Compliance Director to lead enterprise cybersecurity risk management, governance, compliance, and security operations initiatives within a large, complex IT environment. This role is ideal for a cybersecurity leader with deep experience in threat hunting, vulnerability management, penetration testing, incident response, and security governance.

The selected candidate will work closely with technical and business stakeholders to strengthen organizational cybersecurity posture, identify and mitigate risks, and support enterprise-wide compliance efforts.

Responsibilities

  • Lead enterprise IT risk management and cybersecurity compliance initiatives.
  • Conduct comprehensive vulnerability assessments using industry-standard tools and methodologies.
  • Perform internal and external penetration testing.
  • Identify, investigate, and analyze Indicators of Compromise (IOCs), unauthorized access attempts, and potential data exfiltration risks.
  • Assess and prioritize vulnerabilities using the Common Vulnerability Scoring System (CVSS).
  • Perform proactive threat hunting across enterprise environments.
  • Support cybersecurity incident response efforts, including containment, eradication, recovery, and post-incident recommendations.
  • Provide strategic guidance on Governance, Risk, and Compliance (GRC) initiatives.
  • Develop remediation strategies and cybersecurity improvement plans.
  • Collaborate with internal technical teams and stakeholders to strengthen overall security posture.
  • Support cybersecurity roadmap development and organizational security maturity initiatives.

Required Qualifications

  • Bachelor''s or Master''s degree in Computer Science, Information Systems, Cybersecurity, or a related field (or equivalent professional experience).
  • 10+ years of IT and business experience, including leadership responsibility for cybersecurity, compliance, risk management, or information security teams.
  • Minimum 5 years of hands-on cybersecurity experience in one or more of the following:
    • Threat Hunting
    • Threat Intelligence
    • Penetration Testing / Ethical Hacking
    • Vulnerability Management
    • Incident Response
    • Digital Forensics
  • Experience securing large enterprise environments.
  • Experience performing vulnerability assessments and penetration testing.
  • Strong understanding of cybersecurity governance, risk management, and compliance frameworks.
  • Experience operating in both offensive security (Red Team/Penetration Testing) and defensive security (SOC/Blue Team/Incident Response) environments.
  • Strong communication, leadership, and stakeholder management skills.

Preferred Qualifications

  • Experience conducting Red Team exercises and adversarial simulations.
  • Experience developing cybersecurity roadmaps and maturity assessments.
  • Experience working with Managed Service Providers (MSPs) and enterprise IT organizations.
  • Professional cybersecurity certifications such as:
    • CISSP
    • CEH
    • OSCP
    • GIAC
    • CISM
    • CISA

 

  • This position has emergency response responsibilities and may be required to report during emergency operations.

Skills

Compliance
Penetration Testing
Risk Management
Stakeholder Management

Similar jobs