Director of Cybersecurity & Compliance

United States of America, New York · Employment contract · 170000.00 - 190000.00 USD / Year · Job Posted May 30, 2026

Job Description

L+M Development Partners is seeking a hands-on Director of Cybersecurity & Compliance to lead and execute the company's information security strategy. This is a practitioner-level role — not a purely advisory or oversight position — requiring someone who can configure controls, manage platforms, and drive real security outcomes alongside the IT team. The Director will own the day-to-day operation of L+M's security stack, manage MDR vendor relationships, lead the company's response to cyber security incidents, build a formal governance and compliance program, and serve as the internal security authority for staff, leadership, and vendors.

Job Responsibility

  • Administer and optimize Microsoft 365 / Entra ID security configurations, including Conditional Access, MFA policies, and re-authentication session controls
  • Manage and tune email security platforms, MDR and firewalls for threat detection and PII content filtering
  • Oversee email security and MDR engagement for 24/7 threat monitoring; serve as primary internal contact for escalation and incident triage
  • Administer firewall and other network security controls and access policies
  • Manage restrictions on personal email access, personal device access to SharePoint/company resources, and shared drive to OneDrive/SharePoint migration security controls
  • Implement and maintain DLP policies to prevent PII from being transmitted via email, with programmatic deletion of historical PII from employee mailboxes
  • Own incident response, remediation and data breach management and reporting
  • Investigate and document security incidents; produce post-incident reports for leadership and the board
  • Build and maintain a NIST-aligned cybersecurity governance framework, incorporating the findings from third-party pen tests, cyber assessment and governance strategy engagement
  • Develop and enforce company-wide information security policies, including acceptable use, data classification, PII handling, and vendor security requirements
  • Create a vendor security program with tiered controls based on risk level; ensure new and high-risk vendors meet MFA, cybersecurity training, and contractual security requirements
  • Manage PII data handling policies for all company platforms; define retention, access, and deletion procedures
  • Coordinate with legal counsel on multi-state regulatory compliance, notification windows, and data privacy obligations
  • Support cyber insurance renewals and carrier requirements; work with the Insurance team to assess and close coverage gaps
  • Design and operate an employee security awareness training program; manage phishing simulation campaigns and track employee performance
  • Help develop and enforce consequences for repeat security policy violations, including integration of phishing test results into annual performance review processes
  • Provide advance training prior to new policy enforcement
  • Communicate clearly with non-technical staff on security changes that affect daily workflows
  • Serve as the internal subject matter expert on cybersecurity for the CTO, executive team, and board
  • Prepare and present cybersecurity metrics, risk posture updates, and strategic recommendations to leadership
  • Manage vendor relationships and procurement for security tools; evaluate and recommend platforms
  • Define and track a cybersecurity roadmap aligned with NIST maturity milestones

Requirements

  • 7+ years of progressive experience in cybersecurity, with at least 3 years in a senior or lead technical role
  • Hands-on, practitioner-level expertise — this role requires the ability to configure, operate, and troubleshoot security tools directly
  • Deep expertise with Microsoft 365 security, Entra ID / Azure AD, Conditional Access, and Defender suite
  • Experience managing or overseeing Managed Email Security and MDR engagements
  • Experience with email security platforms
  • Strong working knowledge of PII handling obligations, data breach notification laws, and multi-state regulatory requirements
  • Familiarity with NIST Cybersecurity Framework and the ability to translate it into practical operational controls
  • Experience developing and enforcing security policies, vendor security requirements, and employee training programs

Nice to have

  • CISSP, CISM, CISA, or equivalent professional certification
  • Experience in real estate, property management, affordable housing, or regulated industries with PII-intensive operations
  • Familiarity with property management platforms and their data security considerations
  • Experience working with outside legal counsel and cyber insurance carriers
  • Background conducting or managing external cybersecurity assessments
  • Exposure to DLP tools, SIEM/SOAR platforms, and network access control within a Microsoft-heavy environment
