Senior Director of Regulatory Affairs

Job description

About SecurityScorecard:

SecurityScorecard is the global leader in cybersecurity ratings, with over 12 million companies continuously rated, operating in 64 countries. Founded in 2013 by security and risk experts Dr. Alex Yampolskiy and Sam Kassoumeh and funded by world-class investors, SecurityScorecard’s patented rating technology is used by over 25,000 organizations for self-monitoring, third-party risk management, board reporting, and cyber insurance underwriting; making all organizations more resilient by allowing them to easily find and fix cybersecurity risks across their digital footprint.

Headquartered in New York City, our culture has been recognized by Inc Magazine as a “Best Workplace,” by Crain’s NY as a “Best Places to Work in NYC,” and as one of the 10 hottest SaaS startups in New York for two years in a row. Most recently, SecurityScorecard was named to Fast Company’s annual list of theWorld’s Most Innovative Companies for 2023 and to the Achievers 50 Most Engaged Workplaces in 2023 award recognizing “forward-thinking employers for their unwavering commitment to employee engagement.”  SecurityScorecard is proud to be funded by world-class investors including Silver Lake Waterman, Moody’s, Sequoia Capital, GV and Riverwood Capital.

About the Role:

We are seeking an experienced and strategic Senior Director of Regulatory Affairs to lead our regulatory and compliance strategy for public sector cybersecurity engagements. This role will serve as a key advisor to executive leadership, supporting complex federal, state, and local government opportunities by navigating the evolving regulatory landscape and ensuring full compliance with applicable cybersecurity, privacy, and procurement standards.

You’ll work cross-functionally with Sales, Legal, Product, Security, and Government Affairs teams to influence go-to-market strategy, reduce regulatory friction in public sector deals, and ensure our services and policies align with government requirements.

Key Responsibilities:

• Serve as the subject matter expert on regulatory and compliance requirements related to U.S. federal, state, and local government cybersecurity procurements.
• Partner with the Public Sector sales and legal teams to support RFP responses, contract negotiations, and compliance assessments.
• Monitor and interpret evolving laws, executive orders, frameworks, and standards impacting cybersecurity sales to the public sector (e.g., FedRAMP, CMMC, FISMA, NIST, CJIS, StateRAMP).
• Collaborate with Product and Security teams to align internal controls and product features with government compliance needs.
• Engage with government stakeholders, trade associations, and regulators to shape public policy and advocate for clear and effective cybersecurity procurement standards.
• Develop internal policies, playbooks, and training materials to guide deal execution, risk management, and internal alignment across business units.
• Lead regulatory due diligence efforts in support of strategic partnerships, certifications, and government-focused audits.

Required Qualifications:

• 10+ years of experience in regulatory affairs, public sector compliance, or legal roles supporting cybersecurity or technology companies.
• Deep knowledge of public sector procurement and cybersecurity compliance frameworks (e.g., FedRAMP, StateRAMP, CMMC, ITAR, FISMA).
• Demonstrated success enabling federal and/or state sales teams in highly regulated environments.
• Strong understanding of cloud services, SaaS platforms, and information security standards.
• Excellent communication, collaboration, and executive influence skills.
• Bachelor’s Degree.  JD or advanced degree preferred but not required.

Preferred Qualifications:

• Experience engaging with regulatory bodies such as GSA, DHS, DoD, or state-level IT/security offices.
• Background in risk management, policy advocacy, or public affairs.
• Familiarity with contracting vehicles and public sector procurement lifecycle (e.g., BPAs, GWACs, NASPO).

Benefits:

Specific to each country, we offer a competitive salary, stock options, Health benefits, and unlimited PTO, parental leave, tuition reimbursements, and much more!

The estimated total compensation range for this position is $225,000 - 275,000 (base plus bonus). Actual compensation for the position is based on a variety of factors, including, but not limited to affordability, skills, qualifications and experience, and may vary from the range. In addition to base salary, employees may also be eligible for annual performance-based incentive compensation awards and equity, among other company benefits.

SecurityScorecard is committed to Equal Employment Opportunity and embraces diversity. We believe that our team is strengthened through hiring and retaining employees with diverse backgrounds, skill sets, ideas, and perspectives. We make hiring decisions based on merit and do not discriminate based on race, color, religion, national origin, sex or gender (including pregnancy) gender identity or expression (including transgender status), sexual orientation, age, marital, veteran, disability status or any other protected category in accordance with applicable law.

We also consider qualified applicants regardless of criminal histories, in accordance with applicable law. We are committed to providing reasonable accommodations for qualified individuals with disabilities in our job application procedures. If you need assistance or accommodation due to a disability, please contact [email protected].

Any information you submit to SecurityScorecard as part of your application will be processed in accordance with the Company’s privacy policy and applicable law.

SecurityScorecard does not accept unsolicited resumes from employment agencies.  Please note that we do not provide immigration sponsorship for this position.   #LI-DNI