Director of Cybersecurity & Compliance

Join a fast-growing, privately held company that is investing heavily in its technology and security future. This is a rare opportunity to build and mature the organization’s cybersecurity and compliance program from the inside, serving as the company’s primary security authority. While security operations are largely supported by external vendors today, you’ll establish strategy, validate vendor performance, strengthen governance, and help build a scalable security posture that supports continued business growth. This is a highly visible, hands-on individual contributor role with significant executive exposure—no direct people management required.

As part of our process after applying, you may receive an invitation from our AI Recruiter Avery for a short conversation that lets you share more about your background beyond your resume. For questions, contact recruiting@itccorp.com.

Job Type: Direct Hire
Location: Newport Beach, CA (Onsite 5 days per week)
Compensation: This job is expected to pay about $170,000–$180,000 annually (negotiable)
No Visa Sponsorship Available for this role

What You’ll Do:

Build and mature the company’s cybersecurity, governance, and compliance program while serving as the internal security authority.
Partner with executive leadership to develop and execute a multi-year information security roadmap aligned with business growth.
Lead security governance efforts across PCI, SOC 2 readiness, NIST, privacy regulations, risk management, and audit activities.
Evaluate, challenge, and oversee the work of third-party security vendors (MSSPs), ensuring services are effective and aligned with business needs.
Assess and strengthen security capabilities across SIEM, EDR, IAM, vulnerability management, email security, cloud security, and GRC.
Develop security policies, standards, incident response processes, and risk management frameworks.
Review SOC reports, security assessments, penetration testing results, and remediation plans.
Collaborate with infrastructure, DevOps, application teams, and business leaders to improve the organization’s overall security posture.
Help establish internal confidence in technology by providing structure, clear communication, and pragmatic security leadership.
Manage offshore security resources while coordinating priorities with internal IT leadership.

What Gets You the Job:

8+ years of experience in cybersecurity, information security, security engineering, or IT risk/compliance with experience building or maturing enterprise security programs.
Strong experience with PCI Compliance, SOC 2 rediness, NIST, Governance, and MSSP Management
Hands-on knowledge of SIEM, EDR, IAM, vulnerability management, GRC, email security, cloud security, and modern security architecture.
Experience reviewing SOC reports, performing security assessments, identifying gaps, and driving remediation efforts.
Strong understanding of Azure or other cloud platforms, identity and access management, and enterprise security best practices.
Experience working with offshore resources and cross-functional business and technology teams.
Excellent communication skills with the ability to explain technical security concepts to business leaders and executives.
Experience using AI tools to improve productivity, automation, or security operations is highly preferred.
CISSP, CISM, CISA, CCSP, or similar certifications are a plus.

Irvine Technology Corporation (ITC) connects top talent with exceptional opportunities in IT, Security, Engineering, and Design. From startups to Fortune 500s, we partner with leading companies nationwide. Our AI recruiter, Avery, helps streamline the first step of your journey—so we can focus on what matters most: helping you grow. Join us. Let us ELEVATE your career!

Irvine Technology Corporation provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability, or genetics. In addition to federal law