Network Right is hiring a Senior IT Security & Compliance Consultant to help clients build and maintain strong security and compliance programs. You will serve as a trusted advisor to high-growth startups and enterprises, guiding them through compliance readiness, audit preparation, and ongoing risk management to meet rigorous standards. Our mission is to make world-class IT and cybersecurity accessible and human-centered.
What You'll Do
- Serve as the primary compliance advisor for assigned clients, leading engagements from gap assessments to audit completion.
- Develop and manage remediation roadmaps aligned with frameworks such as NIST CSF, SOC 2, ISO 27001, GDPR, HIPAA, PCI DSS, and HITRUST.
- Coordinate audit readiness, evidence collection, and communication with clients, auditors, and vendors.
- Oversee client risk management activities, including risk identification, assessment, and mitigation.
- Review and maintain client information security policies and governance processes to ensure regulatory alignment.
- Deliver compliance and security awareness training to client teams.
- Partner with internal IT teams to implement integrated security and compliance solutions.
- Recommend tools and partners (e.g., SIEM, EDR, MDM) to strengthen compliance and risk management programs.
- Track evolving compliance requirements and guide clients in updating their processes and documentation.
What We're Looking For
- 5+ years of experience in compliance, audit readiness, or GRC consulting (client-facing preferred).
- Proven success managing SOC 2 or ISO 27001 readiness engagements end-to-end.
- Strong understanding of information security principles, control frameworks, and risk management practices.
- CISA, CISM, CISSP, or comparable compliance/governance certification.
- Strong understanding of software engineering or DevOps principles.
- Excellent communication skills: able to advise executives, auditors, and technical teams alike.
- Strong project management and prioritization skills across multiple client engagements.
Nice to Have
- PMP or other project management credential.
Technical Stack
- Cloud Platforms: AWS, GCP, Azure (IAM, network security, logging)
- Compliance Tools: Drata, Vanta, Delve
- Identity: Okta, Azure AD, Google Workspace
- Security: CrowdStrike, SentinelOne, Huntress
- MDM: Mosyle, Jamf, Kandji
- Collaboration: Jira, Asana, Notion, Slack
- Networking: VPNs, SSO
Team & Environment
You will partner with internal IT teams to implement integrated solutions for clients.


