Security & Compliance Specialist

Job#: 3028029

Job Description:

Role: Security & Compliance Specialist

Duration: Long-Term Contract

Location: Hybrid - 4 days/week onsite in SE MI

Position Overview

This role is responsible for reviewing cybersecurity laws and regulations, analyzing their impact on the organization, and ensuring enterprise security policies, controls, and processes align with regulatory requirements. The Senior Cybersecurity Policy & Compliance Specialist will serve as a key liaison between security, legal, privacy, and business stakeholders while leading regulatory cybersecurity assessments, third-party risk programs, and audit-ready compliance initiatives.

Key Responsibilities

• Advance company policy priorities related to cybersecurity, cybercrime, lawful access, encryption, and related issues through legislative, administrative, and regulatory engagement
• Review and assess cybersecurity and cybercrime laws, regulations, and initiatives, analyzing their impact on the organization
• Develop and maintain security policies and procedures, and drive technical implementation of policy requirements
• Lead and manage the third-party security risk management program, including risk standards, assessments, and remediation processes
• Advise on, review, and ensure the effectiveness of security controls supporting globally deployed IT infrastructure
• Monitor processes for compliance risk and vulnerabilities, escalating non-compliance issues to appropriate stakeholders
• Establish and maintain strong working relationships with government affairs, public policy teams, legal, and peer organizations to support regulatory objectives

Regulatory & Compliance Leadership Responsibilities

• Lead end-to-end regulatory cybersecurity assessments and questionnaires from local, state, and national government entities
• Act as a subject matter expert (SME) for internal teams, providing guidance on security controls, risk mitigation, and regulatory interpretation
• Collaborate closely with Privacy and Compliance attorneys to interpret and execute IT-related regulatory requirements
• Facilitate and support internal and external audits, third-party consulting engagements, and enterprise risk assessments
• Maintain transparency and execution velocity by managing compliance-related user stories and backlogs in Jira, aligning regulatory work with the broader technology roadmap

Required Skills & Competencies

Risk Assessment

• Ability to perform targeted risk assessments comparing the organization's current security posture against regulatory and state-mandated requirements
• Experience evaluating compliance against frameworks such as NIST, CSF, and state-level cybersecurity questionnaires

Risk Management

• Proven ability to manage the lifecycle of identified security gaps, including remediation planning and documentation of compensating controls
• Capability to clearly articulate risk acceptance, mitigation, and remediation strategies to regulators and internal stakeholders

Compliance & Regulatory Expertise

• Experience interpreting and applying diverse cybersecurity regulations and frameworks, including NYDFS, CCPA, and CPRA
• Ability to translate regulatory requirements into actionable technical and operational controls

Auditing

• Strong "audit-ready" mindset, including identification, organization, and maintenance of supporting artifacts and evidence for compliance submissions

Information Security

• Ability to translate complex technical architectures (e.g., zero trust, encryption models, incident response) into clear, regulator-friendly language

Experience & Education

Experience Required

• Senior Specialist level with 7+ years of experience in cybersecurity, risk management, compliance, auditing, or related fields

Education Required

• Bachelor's Degree

EEO Employer

Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact our Employee Services Department at or .

Apex Systems is a world-class IT services company that serves thousands of clients across the globe. When you join Apex, you become part of a team that values innovation, collaboration, and continuous learning. We offer quality career resources, training, certifications, development opportunities, and a comprehensive benefits package. Our commitment to excellence is reflected in many awards, including ClearlyRated's Best of Staffing in Talent Satisfaction in the United States and Great Place to Work in the United Kingdom and Mexico. Apex uses a virtual recruiter as part of the application process. Click for more details.

Apex Benefits Overview: Apex offers a range of supplemental benefits, including medical, dental, vision, life, disability, and other insurance plans that offer an optional layer of financial protection. We offer an ESPP (employee stock purchase program) and a 401K program which allows you to contribute typically within 30 days of starting, with a company match after 12 months of tenure. Apex also offers a HSA (Health Savings Account on the HDHP plan), a SupportLinc Employee Assistance Program (EAP) with up to 8 free counseling sessions, a corporate discount savings program and other discounts. In terms of professional development, Apex hosts an on-demand training program, provides access to certification prep and a library of technical and leadership courses/books/seminars once you have 6+ months of tenure, and certification discounts and other perks to associations that include CompTIA and IIBA. Apex has a dedicated customer service team for our Consultants that can address questions around benefits and other resources, as well as a certified Career Coach. You can access a full list of our benefits, programs, support teams and resources within our 'Welcome Packet' as well, which an Apex team member can provide.