Senior Director of Regulatory Affairs

Summary

Join SecurityScorecard as a Senior Director of Regulatory Affairs to lead the regulatory and compliance strategy for public sector cybersecurity engagements. This key advisory role will support complex federal, state, and local government opportunities by navigating the regulatory landscape and ensuring compliance. You will collaborate with various teams, influence go-to-market strategy, reduce regulatory friction, and align services with government requirements. Responsibilities include serving as a subject matter expert on regulatory compliance, supporting RFP responses and contract negotiations, monitoring evolving laws and standards, collaborating with product and security teams, engaging with government stakeholders, and developing internal policies and training materials. The ideal candidate possesses 10+ years of experience in regulatory affairs or related fields, deep knowledge of public sector procurement and cybersecurity frameworks, and excellent communication and collaboration skills. A Bachelor's degree is required, with a JD or advanced degree preferred.

Requirements

• 10+ years of experience in regulatory affairs, public sector compliance, or legal roles supporting cybersecurity or technology companies
• Deep knowledge of public sector procurement and cybersecurity compliance frameworks (e.g., FedRAMP, StateRAMP, CMMC, ITAR, FISMA)
• Demonstrated success enabling federal and/or state sales teams in highly regulated environments
• Strong understanding of cloud services, SaaS platforms, and information security standards
• Excellent communication, collaboration, and executive influence skills
• Bachelor's Degree

Responsibilities

• Serve as the subject matter expert on regulatory and compliance requirements related to U.S. federal, state, and local government cybersecurity procurements
• Partner with the Public Sector sales and legal teams to support RFP responses, contract negotiations, and compliance assessments
• Monitor and interpret evolving laws, executive orders, frameworks, and standards impacting cybersecurity sales to the public sector (e.g., FedRAMP, CMMC, FISMA, NIST, CJIS, StateRAMP)
• Collaborate with Product and Security teams to align internal controls and product features with government compliance needs
• Engage with government stakeholders, trade associations, and regulators to shape public policy and advocate for clear and effective cybersecurity procurement standards
• Develop internal policies, playbooks, and training materials to guide deal execution, risk management, and internal alignment across business units
• Lead regulatory due diligence efforts in support of strategic partnerships, certifications, and government-focused audits

Preferred Qualifications

• JD or advanced degree preferred but not required
• Experience engaging with regulatory bodies such as GSA, DHS, DoD, or state-level IT/security offices
• Background in risk management, policy advocacy, or public affairs
• Familiarity with contracting vehicles and public sector procurement lifecycle (e.g., BPAs, GWACs, NASPO)

Benefits

• Competitive salary
• Stock options
• Health benefits
• Unlimited PTO
• Parental leave
• Tuition reimbursements