Director, Internal Compliance

Rockville, MD
Full Time
Cyber
Manager/Supervisor
About the Role: The Director of Internal Compliance will lead the internal compliance efforts for Dataprise, ensuring adherence to all relevant federal, state, and industry regulations. This individual will be responsible for implementing, managing, and continuously improving the company’s internal compliance program. The role will oversee risk assessments, lead risk management initiatives, develop and track Plans of Action and Milestones (POAMs), and ensure progress on all compliance and internal security initiatives. The Director of Internal Compliance will work closely with leadership teams, IT, security, legal, and other operational technology pillars to align compliance efforts with business objectives. This is a hands-on role where you must be able to build the security program from the ground up.

Why Dataprise? 

  • Dataprise is a private equity-backed company whose mission is to grow organically and inorganically through the acquisition of solid-performing businesses that are well aligned to our philosophies and values. 
  • Our mission is to delight our clients and create an outstanding people experience both internally and externally. 
  • We are an employee-focused organization that prioritizes employee retention, satisfaction, and empowerment. 
  • We provide career growth opportunities through internal movement and through continuous learning, upskilling, job shadow programs, career mentors, annual training allotments, and LinkedIn Learning licenses for all employees. 
  • Comprehensive Wellness Program including gym membership discounts/subsidies, and Wellness Rewards opportunities.  
  • A commitment to Diversity, Equity, and Inclusion (DEI) through a multi-faceted DEI Program. 
  • A focus on work/life balance including hybrid and remote work options, 10 paid holidays and generous PTO. 
  • Competitive pay and a comprehensive benefits package including top-quality medical, dental, and vision coverage for you and your family + FREE telemedicine benefits, company-paid Employee Assistance Program (EAP), and 401(k) with company match. 
  • An opportunity to grow, be challenged, have fun, and learn from some of the most talented technology professionals out there.   
 
What You'll Do: 
Regulatory Compliance & Governance:
  • Develop, implement, and maintain a comprehensive internal compliance program aligned with federal, state, and industry regulations (e.g., CMMC/NIST 800-171, HIPAA, SOC 2, GDPR, ISO 27001).
  • Ensure company policies and procedures reflect compliance requirements and are updated as necessary to address regulatory changes.
  • Serve as the subject matter expert (SME) on compliance requirements applicable to Managed Service Providers (MSPs).
  • Oversee compliance audits and assessments to verify adherence to established policies and regulatory standards.
  • Act as the primary liaison with regulatory agencies, auditors, and external assessors.
Risk Management & Assessments:
  • Conduct and oversee enterprise-wide risk assessments to identify and mitigate compliance and security risks.
  • Lead the development and implementation of risk management frameworks and strategies to address identified vulnerabilities.
  • Collaborate with cross-functional teams to assess and enhance internal security controls.
POA&M Development & Compliance Tracking:
  • Develop, maintain, and track Plans of Action and Milestones (POA&Ms) to address compliance gaps and remediation efforts.
  • Monitor and report on the progress of compliance initiatives and remediation plans to executive leadership.
  • Establish and manage compliance KPIs and reporting mechanisms to measure the effectiveness of internal compliance efforts.
Policy & Procedure Development:
  • Develop, review, and update internal compliance policies, procedures, and documentation to align with best practices and regulatory requirements.
  • Ensure company-wide awareness and understanding of compliance obligations through training and guidance.
  • Work with HR and leadership teams to develop training programs that promote a culture of compliance.
Collaboration & Leadership:
  • Partner with Internal IT, cybersecurity, legal, and business tech pillars to ensure compliance efforts align with overall business strategy.
  • Lead cross-functional teams in implementing compliance-related projects and initiatives.
  • Provide compliance advisory support to internal stakeholders and ensure business processes align with compliance requirements.
  • Other duties as assigned.
What Skills & Experience You’ll Need: 
  • Bachelor’s degree in Compliance, Business Administration, Cybersecurity, Law, or a related field (Master’s degree preferred).
  • Must have previous experience leading multi-framework compliance functions or teams within large and/or complex environments.
  • Must have previous experience building a compliance program for an enterprise.
  • 7+ years of experience in information security compliance, enterprise compliance, risk management, or governance roles, preferably within an MSP or IT services environment.
  • Strong knowledge of regulatory, federal and state compliance frameworks, including PCI, CMMC, NIST, HIPAA, SOC 2, GDPR, DoDI, or DoDD.
  • Experience conducting risk assessments and managing risk mitigation efforts.
  • Proven ability to develop, implement, and track compliance programs and POAMs.
  • Excellent leadership and project management skills with the ability to drive initiatives forward.
  • Strong analytical and problem-solving skills with attention to detail.
  • Effective communication and interpersonal skills to engage with stakeholders across all levels of the organization.
  • Industry certifications such as CISA, CCP, CISM, CRISC, CISSP, or similar are a plus.
Compensation:
  • Dataprise is committed to maintaining a positive work environment by ensuring that compensation across the Company is managed in a competitive, consistent, and fair manner. Each Dataprise employee will be compensated in line with their specific scope of responsibility, skill level, and educational background, in addition to the projected impact on the success of the Company.
  • We have a comprehensive Compensation Management System which establishes the guidelines we use in making compensation decisions and is comprised of compensation policies, salary structures, salary grades, incentive target guidelines, job descriptions, and career charts.
  • This position’s Salary Range is $125,000-$145,000 (NOTE: this is the range at the national average level; specific salaries offered will be adjusted higher/lower due to the local labor market of the candidate. Individual compensation packages are based on various factors unique to each candidate, including skill set, experience, qualifications, and other job-related reasons).

Dataprise Diversity Commitment: At Dataprise, we celebrate what makes us unique: our people. We believe in fostering a diverse and inclusive work environment that seeks and embraces thoughts and ideas from all different backgrounds. We welcome everyone and are committed to providing equal employment opportunity regardless of race, gender, religion, ethnicity, disability, national origin or sexual orientation. We are #DataprisePROUD!

Dataprise is an Equal Opportunity Employer.