• Conduct regular security audits and risk assessments to identify vulnerabilities and areas for improvement. • Monitor and assess compliance with internal security policies and external regulatory requirements. • Recommend and track appropriate security controls and mitigation strategies. • Maintain detailed records of compliance activities, including assessments, corrective actions, and audit results. • Prepare compliance documentation and reports for internal leadership and external auditors. • Maintain and support the Simpluris cybersecurity compliance program. • Regularly update policies, procedures, standards, and documentation to align with evolving regulatory and contractual requirements. • Develop and maintain templates, tools, and resources to support compliance and audit readiness. • Utilize compliance and GRC tools to track controls, evidence, risks, and remediation efforts. • Support third-party risk assessments, vendor questionnaires, and ongoing vendor compliance monitoring. • Serve as the primary point of contact between Corporate, Technology, and Operational teams. • Collaborate with IT, legal, and business units to address compliance challenges. • Communicate complex technical and regulatory requirements in a clear, accessible manner to diverse audiences. • Conduct or support internal security audits and compliance reviews. • Stay current with industry standards, federal regulations, and cybersecurity best practices. • Support incident response activities, investigations, and post-incident documentation as needed. • Collect, validate, and maintain audit evidence to support regulatory and customer audits. • Assist with control testing, gap analysis, and remediation tracking.