Jobs · Information Technology · Georgia

Security & Compliance Specialist

Information TechnologyFull-time

Core Responsibilities

  • Define, document, and evolve Spinen’s baseline security standards (CIS IG1 as the minimum for all clients)
  • Ensure CIS IG1 is implemented and sustained across 100% of client environments, with no permanent exceptions
  • Design and maintain layered security and compliance standards (e.g., SOC 2, CMMC) for Compliance and Service clients
  • Conduct research and evaluation of security tools and approaches, selecting and standardizing solutions in close collaboration with Pod leadership
  • Work with Pods to ensure standards are implemented consistently and efficiently across environments
  • Proactively assess client environments to identify security gaps, risks, and drift from established standards
  • Actively drive remediation plans with Pods and clients to close identified gaps
  • Engage directly with clients as a peer advisor to explain security risks, required controls, and necessary changes
  • Support Pods during client pushback by clearly articulating risk, necessity, and tradeoffs
  • Lead security incident response efforts during active compromises or material security events
  • Carefully coordinate Pods and internal teams during investigation, containment, and recovery
  • Ensure incidents result in meaningful improvements to standards, controls, and processes
  • Maintain accurate incident documentation and reporting for internal leadership and clients
  • Define what “done” means for security controls: implemented, automated where possible, and measurable
  • Share responsibility with Pods for evidence and measurement, while remaining accountable for unresolved gaps
  • Continuously assess security posture and control effectiveness
  • Provide formal quarterly reporting to leadership focused on:
    • Risk reduction
    • Gap closure
    • Drift prevention
    • Prioritization of security work
  • Act as the product owner and internal client for security and compliance automation
  • Define automation requirements and success criteria
  • Partner with Spinen’s automation team to ensure automation meaningfully reduces risk and operational effort

Collaboration & Advisory

  • Work closely with Pods, vendors, and internal teams to ensure secure and compliant solutions
  • Communicate Spinen’s security standards, expectations, and best practices clearly and consistently
  • Support Tier 2/3 escalations related to security specific issues

Required Skills & Abilities

  • Proven experience in IT security operations, incident response, or security program management
  • Strong understanding of security frameworks and controls (CIS, SOC, CMMC, etc.)
  • Experience working across multiple client environments (MSP or similar)
  • Ability to translate technical risk into clear, practical guidance for clients and internal teams
  • Comfortable delivering informed opinions, leading discussions, and driving decisions without direct authority
  • Strong analytical, organizational, and communication skills
  • Proficient in Microsoft Office

Education & Experience

  • Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or equivalent experience
  • 3+ years of experience in IT security or compliance within an MSP or multiclient environment (preferred)
  • Industry certifications (CISSP, CISM, CEH, CompTIA Security+) are a plus

Similar jobs