Jobs · Information Technology · Tennessee

Director, Cybersecurity & Compliance

Arctiq · Knoxville, TN · 2 wk ago
On-siteInformation TechnologyFull-time

Responsibilities

  • Cybersecurity Operations
    • Lead day-to-day cybersecurity operations and manage the security team.
    • Serve as the senior escalation point for security incidents, vulnerabilities, and client risk concerns.
    • Oversee managed security services including: Endpoint Detection & Response (EDR), Identity Threat Detection, Vulnerability Management, SIEM & Log Management, Email Security, DNS Filtering, Security Awareness Training.
    • Maintain incident response procedures, operational playbooks, and security workflows.
    • Monitor service performance, identify trends, and drive continuous improvement.
  • Compliance & CMMC Leadership
    • Lead the organization's cybersecurity compliance program with an emphasis on CMMC Level 2, NIST SP 800-171, and related regulatory frameworks.
    • Develop operational processes that support audit readiness and defensible compliance.
    • Translate compliance requirements into technical standards, operational controls, documentation, and evidence collection processes.
    • Oversee control ownership, remediation tracking, policy development, and assessment readiness.
    • Coordinate with external assessors, consultants, and compliance partners.
  • Security Architecture & Standards
    • Develop and maintain enterprise security standards and baseline configurations.
    • Define secure technology standards across Microsoft 365, Microsoft Entra ID, Azure, endpoints, servers, firewalls, and cloud infrastructure.
    • Evaluate new security tools and technologies for operational effectiveness, compliance value, and scalability.
    • Partner with infrastructure, networking, cloud, and service teams to ensure consistent implementation of security standards.
  • Threat & Vulnerability Management
    • Lead vulnerability management and incident response activities.
    • Develop remediation standards, severity classifications, and response playbooks.
    • Coordinate investigations and communications during security incidents.
    • Identify recurring security risks and implement long-term improvements through automation and process optimization.
  • Governance, Risk & Compliance
    • Maintain security policies, standards, risk registers, and governance documentation.
    • Support SOC 2, HIPAA, CMMC, and other compliance initiatives.
    • Conduct access reviews, control validation, and risk assessments.
    • Support disaster recovery, business continuity, and tabletop exercises.
  • Client Advisory & Strategic Initiatives
    • Participate in executive-level client meetings, security assessments, and strategic planning discussions.
    • Support business development through technical discovery, solution validation, and cybersecurity consulting.
    • Review proposed security solutions for technical feasibility and compliance alignment.
    • Stay current on evolving cybersecurity threats, regulatory changes, and industry best practices.

    Qualifications

    • Proven leadership experience managing cybersecurity operations and security teams.
    • Strong background in managed security services, consulting, or enterprise cybersecurity.
    • Hands-on experience with Microsoft security technologies, SIEM platforms, vulnerability management, identity security, and cloud security.
    • Deep understanding of CMMC Level 2, NIST SP 800-171, DFARS, SOC 2, HIPAA, and related compliance frameworks.
    • Experience building operational processes, security standards, and governance programs.
    • Excellent communication skills with the ability to engage technical teams, executives, and clients.
    • Preferred Certifications: CISSP, CISM, CSCP, CMMC CCP/CCA.

Similar jobs

Director of Cybersecurity

Altar'd StateKnoxville, TN· 1 wk ago
Information Technologyapply on standoutforgood.wd12.myworkdayjobs.com