Cyber Security Compliance Director

Seattle, WA, USA


Veeam®, the #1 global market leader in data protection and ransomware recovery, is on a mission to empower every organization to not just bounce back from a data outage or loss but bounce forward.

With Veeam, organizations achieve radical resilience through data security, data recovery, and data freedom for their hybrid cloud. 

The Veeam Data Platform delivers a single solution for cloud, virtual, physical, SaaS, and Kubernetes environments that gives IT and security leaders peace of mind that their apps and data are protected and always available.

Headquartered in Seattle with offices in more than 30 countries, Veeam protects over 450,000 customers worldwide, including 74% of the Global 2000, who trust Veeam to keep their businesses running.

 

The Senior Director of Cybersecurity Compliance and Product Certifications will lead Veeam’s cybersecurity compliance efforts across both corporate and product domains. This position will oversee the second line of defense function for cybersecurity, IT compliance, and product-specific compliance activities, including key certifications and industry standards. The Senior Director will work closely with internal teams and stakeholders to ensure Veeam meets and maintains necessary cybersecurity certifications such as ISO, SOC2, and CMMC, and manage product compliance efforts for certifications like FIPS 140-2/140-3, Common Criteria, DoDIN APL, and others. The Director will also assist in efforts for FedRAMP and StateRAMP compliance and Independent Verification & Validation processes for products. This role will additionally support Veeam’s supply chain risk management and direct sales compliance efforts.

The Senior Director of Cybersecurity Compliance and Product Certifications will report to the VP Technology GRC in the organization led by the Chief Information Security Officer and have a dotted line to the Chief Compliance Officer or similar role.

Responsibilities

  • Strategically lead global cybersecurity compliance across corporate and product domains with NIST, ISO, SOC 2, and CMMC frameworks required for sales enablement.
  • Manage security testing, track audit findings, and ensure timely remediation from outputs of the compliance frameworks.
  • Lead product compliance strategy, ensuring that FIPS 140-2/140-3, Common Criteria, DoDIN APL, and IV&V are implemented, enabling USG and Federal business goals.
  • Support delivery of FedRAMP/StateRAMP certifications for Veeam’s BaaS cloud offerings.
  • Provide proactive quarterly communication to executive leadership/SLT on above security compliance activities.
  • Collaborate with internal teams (R&D, sales, legal) to align on compliance requirements and certifications.
  • Foster a culture of compliance and stay updated on evolving regulatory requirements.
  • Influencer, Evangelist, Group Leader, Trusted Business Advisor

1.  Leading Change
2.  Functional People Leader
3.  Results Driven
4.  Business Acumen
5.  Building Coalitions
6.  Creating a Culture of Trust
7.  Broadening Business Value
8.  Initiating Action

Experience

  • 15+ years of experience in cybersecurity governance, risk management, and compliance (GRC).
  • Proven expertise in product certifications such as FIPS 140-2/140-3, Common Criteria, DoDIN APL, and FedRAMP.
  • Experience with cybersecurity frameworks like NIST CSF, ISO 27001, SOC 2, and CMMC.
  • Strong background in leading remediation efforts, working with internal audit, and managing compliance portfolios.
  • Experience working with product teams to integrate compliance requirements into the development lifecycle.
  • Active US Government Security Clearance or ability to obtain one.
  • Certifications such as CISSP, CISM, or ITILv3 preferred.
  • Excellent communication skills with the ability to present compliance progress to senior leadership.
  • Advanced understanding of portfolio management and accountability techniques.
  • Certifications: CISSP, ITILv3
  • Active US Government Security Clearance or clearable
  • Advanced understanding of security technologies, compliance frameworks (NIST CSF, ISO), risk management principles
  • Excellent written and oral communication skills, negotiation skills, and presentation skills, and the ability to influence and communicate professionally across all functional lines.

Benefits

  • Unlimited PTO
  • Medical, dental, and vision benefits that start on day one
  • Flexible spending accounts
  • Life insurance and short-term and long-term disability coverage
  • Family planning support benefits, along with 100% paid maternity and parental leave
  • 401k match
  • Veeam Care Days – additional 24 hours for your volunteering activities
  • Professional training and education, including courses and workshops, internal meetups, and unlimited access to our online learning platforms (Percipio, Athena, O’Reilly) and mentoring through our MentorLab program.


The salary range posted is On Target Earnings (OTE), which is inclusive of base and variable pay. When making an offer of employment, Veeam will take into consideration the candidate’s expectations, experience, education, scope of responsibility for the role, and the current market demands.

United States of America Pay Range: $275,400–$393,400 USD

Veeam Software is an equal opportunity employer and does not tolerate discrimination in any form on the basis of race, color, religion, gender, age, national origin, citizenship, disability, veteran status or any other classification protected by federal, state or local law. All your information will be kept confidential.

Please note that any personal data collected from you during the recruitment process will be processed in accordance with our Recruiting Privacy Notice.  

The Privacy Notice sets out the basis on which the personal data collected from you, or that you provide to us, will be processed by us in connection with our recruitment processes. 

By applying for this position, you consent to the processing of your personal data in accordance with our Recruiting Privacy Notice.


Tags: CISM CISO CISSP Clearance Cloud CMMC Compliance FedRAMP FIPS 140-2 Governance ISO 27001 Kubernetes NIST Privacy R&D Risk management SaaS Security Clearance SOC SOC 2 Strategy

Perks/benefits: 401(k) matching Career development Flex hours Flex vacation Health care Insurance Medical leave Parental leave Unlimited paid time off

Regions: Remote/Anywhere North America
Country: United States
