Technology Risk & Compliance Lead

Recorded Future seeks a Technology Risk & Compliance Lead to manage regulatory compliance audits for using established risk and security frameworks. Additionally, experience in business continuity/crisis management, insider risk programs, and/or FedRamp certification would be key as this role is at the forefront of maturing integrations across Legal & Compliance, Information Security, Technology, and key business partners. The individual will have a critical role in problem-solving through independent work, collaboration across teams, engagement with senior leadership, and helping create recommendations for executive decisioning.

• Prepare for internal and external assessments ( ISO, SOC, FedRampetc.) by ensuring controls are audit-ready and validated on an ongoing basis
• Conduct risk assessments to identify potential security risks and advise on process and governance improvements to mitigate these risks
• Help conduct post-audit after action reports to remediate any risks and identify areas for continuous improvement (process, training, automation, etc.)
• Coordinate closely with information security and technology teams to holistically mature enterprise resilience through remediation of audit findings, adaptive business continuity practices, engagement in tabletop exercises, and policy updates. Maintain evidence repositories and gather evidence to support both internal and external assessment and certification testing
• Report risk and control status to senior management and governance committees (Legal, Privacy, Enterprise Risk Management, etc.)
• Participate in multi-stakeholder meetings and provide administrative support for senior-level discussions
• Maintain a deep understanding of the business operation priorities and align compliance obligations to shape successful execution of priorities
• Ensure ongoing compliance with statutory and regulatory requirements andanticipate future legislation and/or customer demands, advising management on required actions and adjustments as needed
• Regularly define and review key success metrics for data-focused tracking and proactively seek out new and improved mechanisms for visibility, ensuring the program stays aligned with organizational objectives

• Experience with artifact collection and compliance, either through technical control frameworks (e.g., SOC2, ISO27001, FedRAMP, ) or through comparable evidence collection and documentation obligations that require great attention to detail (i.e. Woods review, litigation discovery stage, facility clearance application, etc)
• Strong interpersonal, communication, and presentation skills necessary for interaction with business leaders and teams across all levels of the organization
• Strong negotiation and consensus-building skills
• The ability to meet project deliverables
• Contribute to a work environment that encourages knowledge of, respect for, and the development of skills to engage with those of other cultures and backgrounds

• Bachelor's degree or equivalent combination of education and experience; with strong preference for work experience in program management, crisis management, and/or sensitive investigations. a degree in Prior work in a highly regulated industry or classified work environment
• Experience with executive briefings and/or participation in solutions-oriented working groups
• Spanish and/or Ukrainian language proficiency is a plus
• Willingness to invest time into professional development (training, conferences, certifications)

The base salary range for this full-time position is $108,000-$162,000. Our salary ranges are determined by role, level, and location. The salary displayed reflects the range for new hire salaries for the position across all US locations. Within the range, individual pay is determined by state, work location and additional factors, including job-related skills, experience, and relevant education or training. This position may be eligible for incentive compensation, equity, and medical, dental, vision, life insurance and 401K. Your recruiter can share more about the specific details of the compensation and benefit package during the hiring process.