The Compliance Lead ensures secure operations of systems and compliance with laws, conducts audits, and implements security policies. They lead design and review of security controls, provide expert guidance, and promote security awareness within teams.
Company Description
Description:
The Data Compliance Lead’s role is to ensure the secure operation of the in-house systems, servers, and network connections in accordance with internal processes, procedures, and compliance requirements as well as Federal, State and Local laws. Tasks also includes conducting regularly scheduled audits on internal systems and hosting third-party and/or Cloud audits as required in order to maintain certifications and compliance certificates. The data compliance lead also develops implements, maintains, and oversees remediation and enforcement of internal security policies and procedures.
Top 3 Must Have Skills:
Data Compliance Lead is responsible for designing, publishing and reviewing technology designs, security controls and solutions to reduce the risk of unauthorized access, transmission and storage of confidential Ex: IRS 1075, IRS Pub 1075, TOP, SSA, DHS, and PII and FTI data.Partner with security architects, other functional-area architecture, engineering, and security specialists to ensure adequate security solutions and controls are in place throughout the IT systems and platforms to mitigate identified risks sufficiently, and to meet business objectives and regulatory requirementsProvide expert-level guidance to security analysts, testers, and development teams during application security assessments. Must be able to identify, re-create, and remediate security defects
Other Desired SkillsAdditional Information
Direct Client
Job DescriptionTitle:
Compliance Lead
Duration: 8+ months
Location: Denver, CO
Description:
The Data Compliance Lead’s role is to ensure the secure operation of the in-house systems, servers, and network connections in accordance with internal processes, procedures, and compliance requirements as well as Federal, State and Local laws. Tasks also includes conducting regularly scheduled audits on internal systems and hosting third-party and/or Cloud audits as required in order to maintain certifications and compliance certificates. The data compliance lead also develops implements, maintains, and oversees remediation and enforcement of internal security policies and procedures.
Top 3 Must Have Skills:
Data Compliance Lead is responsible for designing, publishing and reviewing technology designs, security controls and solutions to reduce the risk of unauthorized access, transmission and storage of confidential Ex: IRS 1075, IRS Pub 1075, TOP, SSA, DHS, and PII and FTI data.Partner with security architects, other functional-area architecture, engineering, and security specialists to ensure adequate security solutions and controls are in place throughout the IT systems and platforms to mitigate identified risks sufficiently, and to meet business objectives and regulatory requirementsProvide expert-level guidance to security analysts, testers, and development teams during application security assessments. Must be able to identify, re-create, and remediate security defects
Other Desired Skills
- As and an expert/lead technical will define the information security architecture and design for the application.
- Providing training for development and QA teams on how to implement Secure Software Development Life Cycle S-SDLC into their existing practices
- In-depth knowledge on common web application security flaws and secure coding practices and the ability to clearly explain security issues to project and development staff
- Ability to prioritize and track security issues and work with the necessary teams to ensure remediation
- Serve as a leader by promoting security awareness, mentoring other team members, and staying up-to-date on current development methodologies (Agile/DevOps)
- Understand HTTP, REST, SOAP, XML and JSON as it relates to APIs and AJAX, Experience using and compliance testing REST and/or SOAP APIs
- Understanding of AWS, Azure, and other cloud solutions, security issues and Security controls in those environments
- 7+ years in Information Security space
- 5+ years in enterprise software development
- Strong development background with prominent web or mobile development languages and frameworks, provide security remediation advice to development and testing teams;
- Strong experience with Threat Modeling in an enterprise, not just theoretical
- Strong oral, written, and presentation abilities -able to convey risk to all levels of the business, from C-level executives to operations and development teams
- Strong understanding of web applications and architectures, relational and non-relational databases, and hardware architectures, and effectively applying the principles of information security to IT environments
- Strong experience working in a multi-platform, multi-protocol, distributed enterprise computing environment
- Experience with Unix/Linux and Windows system administration
- Some understanding of governance frameworks such as ITIL and ISO 27001;
- Some project management experience: Able to assess needs, define objectives, identify resources needed to achieve objectives and begin implementation towards goal completion;
- Must be able to work effectively alone and as part of a larger project team.
- Current understanding of Industry trends and emerging threats
All your information will be kept confidential according to EEO guidelines.
Top Skills
AWS
Azure
HTTP
JSON
Linux
Rest
Soap
Unix
Windows
XML
Similar Jobs
Fintech • HR Tech
Lead benefits compliance for a multi-entity PEO/co-employment model. Design and run compliance programs across health benefits, workers' compensation, unemployment, and state disability. Advise Product, Legal, and Operations on regulatory interpretation, implement scalable controls, and mentor team members while managing complex multi-state regulatory risks.
Aerospace
Lead IT compliance and GRC for defense and space programs: maintain cybersecurity framework, map controls (NIST/CMMC/DFARS/ITAR), produce SSPs/POA&Ms, prepare for audits, run risk assessments, manage CUI/export control practices, coordinate cross-functional compliance, and deliver training and readiness exercises.
Top Skills:
Nist Sp 800-171,Cmmc,Dfars 252.204-7012,Itar,Ear,Microsoft Gcc High,Azure Government,Fedramp,Govcloud,Archer,Servicenow Grc,Drata
Fintech • Insurance
The Lead Compliance Analyst - Data Analytics mitigates risks by enforcing compliance policies, analyzing data and regulatory requirements, and providing guidance on compliance matters related to data and AI initiatives.
Top Skills:
Data AnalyticsMS Office
What you need to know about the Colorado Tech Scene
With a business-friendly climate and research universities like CU Boulder and Colorado State, Colorado has made a name for itself as a startup ecosystem. The state boasts a skilled workforce and high quality of life thanks to its affordable housing, vibrant cultural scene and unparalleled opportunities for outdoor recreation. Colorado is also home to the National Renewable Energy Laboratory, helping cement its status as a hub for renewable energy innovation.
Key Facts About Colorado Tech
- Number of Tech Workers: 260,000; 8.5% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Lockheed Martin, Century Link, Comcast, BAE Systems, Level 3
- Key Industries: Software, artificial intelligence, aerospace, e-commerce, fintech, healthtech
- Funding Landscape: $4.9 billion in VC funding in 2024 (Pitchbook)
- Notable Investors: Access Venture Partners, Ridgeline Ventures, Techstars, Blackhorn Ventures
- Research Centers and Universities: Colorado School of Mines, University of Colorado Boulder, University of Denver, Colorado State University, Mesa Laboratory, Space Science Institute, National Center for Atmospheric Research, National Renewable Energy Laboratory, Gottlieb Institute
