Network Security Compliance Lead

Post Date

Mar 10, 2026

Location

Dallas, Texas

ZIP/Postal Code

75201
US
May 15, 2026 Insight Global

Job Type

Contract

Category

Security Engineering

Req #

DAL-cf52ce15-28ca-48ba-81a1-0e6e19ea70fd

Pay Rate

$74 - $92 (hourly estimate)

Job Description

The Network Security Compliance Lead will serve as the primary architect for translating high-level regulatory mandates into granular, technical requirements. Candidates will bridge the gap between Legal/Regulatory bodies and Platform/Network Engineering teams, ensuring that "Security by Design" is not a slogan, but a documented, auditable technical reality. As a "Technical Architect-Auditor," you will deconstruct legal mandates into engineering specs and then execute the hands-on implementation of those requirements. You are responsible for the technical enforcement of the Sovereign Data Controller concept, ensuring the client’s network can programmatically respond to regulatory demands.
Core Responsibilities:
- Automated Regulatory Architecture & Engineering (30%)
• The Translator: Deconstruct complex legal mandates (e.g., NIS2 Directive Article 21, SOC 2 Trust Services Criteria) into actionable technical requirements for platform delivery and network teams.
• Compliance-as-Code: Translate NIS2 and SOC 2 requirements into automated security policies (e.g., Open Policy Agent (OPA) or AWS Config).
• Methodology Authoring: Develop and maintain the official Incident Handling Methodology and step-by-step procedures for regional compliance authorities.
• Platform Delivery Specs: Create and sign off on Security Requirement Documents (SRDs) for all new platform features, ensuring network segmentation and identity controls are baked in.
• Stakeholder Liaison: Interface directly with Legal, Regulatory CRAs, and external auditors to defend technical control logic.
- Hands-on Technical Execution (20%)
• Configuration & Implementation: Execute hands-on configuration changes and network modifications based on defined requirements (e.g., Firewall rules, VPC hardening, IAM policies).
• Sovereign Data Controller: Build and manage the Sovereign Data Controller framework; specifically, engineering the capability to programmatically turn connections on/off based on data residency or compliance triggers.
• Technical Operations: Act as the primary technical executor once requirements and processes are defined, ensuring no "gap" between policy and production.
• Network Automation: Utilize Ansible, Terraform, or Python to automate network hardening and firewall rule lifecycle management.
- Audit & Stakeholder Interface (30%)
• Legal & Regulatory Liaison: Act as the technical point of contact for the Legal department and External Auditors. Defend technical implementations and explain control logic in non-technical terms.
• CRA/Regulatory Management: Manage submissions and evidence gathering for Cyber Resilience Act (CRA) or similar regional certifications.
• Risk Reporting: Translate technical network risks into Business Impact Analyses for executive leadership and legal counsel.
• Data Portability: Develop and maintain automated download capabilities for audit evidence and regulatory logs to streamline external review.
- Network & Platform Security Governance (10%)
• Technical Oversight: Leverage deep knowledge of TCP/IP, Zero Trust Architecture, and Cloud Networking to validate that configurations (Firewalls, VPCs, IAM) actually meet the intended compliance goals.
• Gap Analysis: Lead continuous "pre-audit" assessments of the network stack to identify and remediate non-conformities before they reach an official auditor.
• Process Automation: Work with engineering to automate the collection of compliance evidence (Evidence-as-Code) to reduce manual audit toil.
- Reporting & Audit Automation (10%)
• Automated Reporting: Build and maintain regulatory reporting views and dashboards that provide real-time, "downloadable" compliance status for auditors.
• Reporting Engineering: Design and build regulatory reporting views within internal dashboards to provide real-time visibility into compliance status.
• Data Portability: Develop and maintain automated download capabilities for audit evidence and regulatory logs to streamline external review.
• Gap Remediation: Identify network vulnerabilities and manually implement the required technical fixes to maintain an "Always Audit-Ready" state.

We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com. To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.

Required Skills & Experience

- 7+ years in Cybersecurity, with at least 3 years in a Lead/Managerial compliance role.
- Ability to read a network diagram and understand BGP, VPN tunneling, and micro-segmentation – this role will not be configuring the router, but must know what a secure configuration looks like.
- Proven experience implementing NIS2 and successfully passing SOC 2 Type II audits.
- Expert-level proficiency in Infrastructure as Code (IaC).
- Strong scripting skills (Terraform, Python, Bash).
- Deep knowledge of SDN (Software Defined Networking), Zero Trust, and cloud-native networking (VPC, Transit Gateways).
- Direct experience implementing NIS2 Directive and SOC 2 Type II in a high-growth environment.
- Hands-on with SIEM/SOAR platforms (e.g., Palo Alto Cortex XSOAR) for automating response.

Nice to Have Skills & Experience

- CISA (Certified Information Systems Auditor) or CISSP

Benefit packages for this role will start on the 1st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.