Sr. Director, Information Security Compliance

Los Angeles, CA • Direct Hire • $150000 - $200000 • June 19, 2025 • 81077

Job Title: Sr. Director, Information Security Compliance
Job ID: 81077
Location: Los Angeles, California


What you will be doing:

  • Implement the ISO/IEC 27000 family of standards within the organization, and ensure the organization’s Information Security Management System (ISMS) is in compliance with the standards.

  • Develop and lead the organization’s initial ISO/IEC 27000 certification and recertification efforts as our internal auditor and manage remediation plans to address compliance gaps.

  • Serve as the internal subject matter expert (SME) on ISO/IEC 27000 family and interface with internal and external auditors, certification bodies, and regulatory agencies.

  • Assess information security risks in alignment with the InfoSec team and business objectives.

  • Create and maintain a library of E&IT policies, guidelines, processes, and controls that align with the ISO/IEC 27000 standards and the NIST CSF framework.

  • Own the document governance and lifecycle of E&IT policies, guidelines, processes, and controls, ensuring they are audited and reviewed.

  • Collaborate with Planning, Risk Management, Legal, Engineering, Operations, and Business functions to integrate ISO-aligned standards and controls into business operations.

  • Regularly interact with senior business leaders to establish strategic plans and objectives.

  • Ensure all E&IT systems comply with security, regulatory, and governance standards, minimizing risks to business operations.

  • Monitor changes in the ISO 27000 family of standards and other relevant regulatory frameworks (e.g., NIST, SOC 2, GDPR) to adapt organizational policies accordingly.

  • Present reports and strategic insights to executive leadership, including risk assessments, audit outcomes, and compliance posture.

  • Build and lead a high-performing compliance and risk management function within E&IT and in collaboration with company business functions.

  • Facilitate the development of a significant knowledge base in others; may define the roles of staff members.

  • Other duties as assigned or requested within the scope of compliance, risk management, and audit.


What you must have:

  • Deep understanding of the ISO/IEC 27000 family of standards, including principles, controls, structure, and best practices, and experience in building a high-performing compliance and risk management program within a technical function.

  • Knowledge of how information security risk management frameworks, specifically NIST CSF, can be crosswalked to the ISO/IEC 27000 family of standards.

  • Knowledge of how to perform risk assessments to identify vulnerabilities, threats, and impacts, and how to create risk treatment plans.

  • Knowledge of how to design and implement risk mitigation strategies, control measures, and residual risk evaluation.

  • Understanding of Compliance and Legal requirements around data privacy and contractual obligations.

  • Expertise in preparing for both internal and external audits, ensuring that controls and systems are compliant with ISO/IEC 27000.

  • Ability to develop, implement, and maintain information security policies, procedures, and guidelines.

  • Understanding of how information security fits into the larger governance framework of an organization.

  • Knowledge of incident response processes, Business Continuity Planning (BCP), and disaster recovery plans that are in line with ISO/IEC 27000 standards.

  • Ability to work cross-functionally and influence stakeholders at all levels.

  • Strong interpersonal communication skills and the ability to maintain effective working.

  • Ability to effectively facilitate meetings.

Education and Experience

  • Bachelor’s or Master’s degree in Computer Science, IT, Engineering, or significant work experience in a related field.

  • Minimum twelve (12) years of experience in information security, compliance, or IT governance roles.

  • ISO/IEC 27000 Lead Auditor, CISSP, CISM, or similar certifications preferred.

Language

  • Fluency, both written and spoken, in English is required.

  • The company is a global organization that values diversity; preference will be given to candidates with demonstrated skills in additional languages besides English.


Salary/Rate Range: $150,000.00 - $200,000.00


For more information about TEEMA and to consider other career opportunities, please visit our website at www.teemagroup.com
