Compliance Specialist, IT/Tech
Job in Denver, Denver County, Colorado, 80285, USA
Listed on 2025-12-01
Listing for: New Charter Technologies, Llc
Full Time position
Job specializations:
- IT/Tech
- Cybersecurity, Information Security, Data Security, IT Consultant
Every application is reviewed by a member of our team, no AI filters, no automated screenings. Just real people looking for real potential.

The Security Compliance Specialist will play a key role in developing, maintaining, and enhancing New Charter Technologies’ security and compliance programs. This role will focus on building a global privacy program, providing oversight during mergers & acquisitions (M&A), and managing third-party vendor compliance. The ideal candidate will be comfortable operating in a fast-paced MSP environment, balancing internal security needs with client and regulatory expectations, and serving as a trusted advisor across the organization.

## Primary Responsibilities

### Compliance & Regulatory Oversight
* Ensure adherence to regulatory and industry standards relevant to clients (e.g., HIPAA, PCI-DSS, SOC 2, CMMC, GDPR, NIST CSF, ISO 27001).
* Support client compliance initiatives by providing expertise, documentation, and remediation strategies.
* Lead internal compliance reviews, risk assessments, and readiness checks for audits and certifications.

### Policy & Documentation
* Develop, implement, and maintain security compliance policies, standards, and procedures for both internal operations and client environments.
* Maintain audit-ready documentation and evidence for internal and client-facing compliance programs.
* Support contract and vendor compliance reviews, including responding to client security questionnaires.

### Risk & Incident Management
* Partner with security and service delivery teams to identify, assess, and mitigate compliance risks.
* Track remediation efforts and ensure corrective actions are implemented and verified.
* Provide compliance guidance during incident response to ensure regulatory reporting obligations are met.

### Global Privacy Program
* Design, implement, and manage a global privacy program that ensures compliance with data protection laws and regulations (e.g., GDPR, CCPA, HIPAA, PIPEDA, LGPD).
* Develop and maintain privacy policies, data handling procedures, and cross-border data transfer frameworks.
* Conduct regular privacy impact assessments (PIAs) and data protection impact assessments (DPIAs).
* Provide training and awareness programs to staff and stakeholders regarding data privacy obligations.
* Monitor evolving privacy legislation worldwide and advise leadership on compliance strategies.

### Mergers & Acquisitions Oversight
* Lead security and compliance due diligence activities during M&A processes.
* Assess security posture, privacy risks, and regulatory compliance of target companies.
* Develop integration plans for aligning acquired entities with New Charter’s compliance frameworks.
* Partner with legal, finance, and IT teams to identify risks and ensure smooth transitions.
* Provide compliance reports and recommendations to senior leadership during acquisition evaluations.

### Third-Party Vendor Risk Management
* Establish and maintain a third-party vendor risk management program.
* Conduct due diligence, risk assessments, and ongoing monitoring of vendors handling sensitive data or providing critical services.
* Review and negotiate vendor security and privacy provisions in contracts.
* Develop processes for continuous vendor oversight, including periodic reassessments.
* Act as the primary point of contact for third-party security and compliance inquiries.

## Qualifications
* Bachelor’s degree in Information Security, IT Management, Business, Law, or related field (or equivalent experience).
* 5+ years of experience in security compliance, privacy, or risk management, ideally within an MSP, SaaS, or multi-client environment.
* In-depth knowledge of global data privacy regulations (GDPR, CCPA, HIPAA, etc.).
* Experience with M&A due diligence and post-acquisition integration.
* Strong background in third-party/vendor risk management.
* Familiarity with common security frameworks (ISO 27001, NIST CSF, SOC 2, PCI-DSS, CMMC).
* Excellent written and verbal…