Security And Compliance Jobs in USA with Visa Sponsorship
Security and compliance roles rank among the more sponsorship-friendly positions in tech and finance, with H-1B visa and O-1 visas both viable paths. Employers in regulated industries actively seek credentialed specialists, and demand consistently outpaces domestic supply. For detailed occupation requirements, see the O*NET profile.
See All Security And Compliance JobsOverview
Showing 5 of 183+ Security And Compliance jobs
Have you applied for this role?
Have you applied for this role?
Have you applied for this role?
Have you applied for this role?
Have you applied for this role?
See all 183+ Security And Compliance jobs
Sign up for free to unlock all listings, filter by visa type, and get alerts for new Security And Compliance roles.
Get Access To All JobsCompensation Range:
$200,000.00 - $225,000.00 Annual Salary
Job Description Summary:
The Director of Security and Compliance leads the design and oversight of cybersecurity, compliance, and privacy programs that safeguard the organization’s digital assets and data while ensuring adherence to regulatory requirements, contractual obligations, and internal policies. This position reports to the VP of IT Operations / Chief Information Security Officer.
Job Description:
Position Responsibilities and Duties:
Risk Management:
- Set the mission, vision, and strategy for technology risk management including cybersecurity, compliance and privacy organization. Implementing appropriate risk management and mitigation efforts while ensuring the success of business and IT initiatives, ensuring alignment with business objectives and product priorities.
Communication & Executive Engagement:
- Demonstrate exceptional communication and presentation skills, effectively conveying complex technical and compliance concepts to critical stakeholders, including senior managers and the executive leadership team, to support informed decision‑making.
Stakeholder & Relationship Management:
- Build successful stakeholder relationships with other IT, enterprise risk managers and key business stakeholders by developing a clear understanding of business needs, acting as a trusted advisor, and ensuring cost-effective delivery of security services to meet those needs.
Security Architecture & Operations:
- Direct enterprise-wide security architecture and operations across IT and OT environments, ensuring secure design, deployment, and ongoing protection of infrastructure, applications, and data systems.
Regulatory Compliance & Reporting:
- Ensure compliance with all relevant cybersecurity, compliance and privacy regulations. As part of a strategic enterprise risk management program, conduct compliance assessments and provide regular status reports to risk management teams and senior business leaders including relevant metrics, key performance and risk indicators.
Privacy Program Leadership:
- Lead cross-functional Privacy Team to develop and implement a comprehensive enterprise-wide data and personnel privacy program. Maintain current policies, facilitate publication and communication, and ensure all employees receive required privacy training.
Budget & Financial Management:
- Develop and control the annual department budget to ensure that it's consistent with the overall strategic objectives of IT and the enterprise and is within plan.
Security Culture & Awareness:
- Foster an enterprise security culture by embedding compliance and risk management practices into daily business operations.
- Lead organization-wide training and awareness initiatives that enable informed cybersecurity decision-making across all functions and levels.
Risk Assessment, Business Continuity & Incident Response:
- Conduct comprehensive enterprise risk assessments and develop strategies that strengthen business continuity, disaster recovery, and incident response capabilities.
- Build, train, and coordinate cross-functional incident response teams across security, IT, business partners, and executive leadership to ensure effective crisis response and business protection.
Data Retention & Archiving Compliance:
- Ensure digital and paper archiving (warehouse) systems are complying with corporate data retention policies.
- Collaborate with Product Managers to ensure they understand policies and their products and services are aligned.
Team Leadership & Development:
- Build and lead a high performing team.
- Work collaboratively with direct reports to support their career progression, nurture their development and to help them realize their potential.
- Have a documented succession plan for critical functions.
- Develop and actively participate in peer network groups. Stay up on trends and share lessons learned.
Vendor & Third-Party Management:
- Lead vendor management and negotiations with security service providers.
- Establish strong vendor relationships ensuring vendors understand and share our focus on security and are capable of meeting requirements.
Minimum Skills and Experience:
- Bachelor’s or Master’s degree in business administration or technology related field
- 15 or more years of experience in IT Operations, cybersecurity or business/industry
- 7 or more years of leadership responsibilities, including strategy, budgeting, and staffing
- 3 or more years of leadership responsibilities of an auditable compliance program (ex: NIST 800-171, CMMC, ISO 2700x, SOC 2, NERC-CIP, etc.)
- Exceptional leadership skills, with the ability to develop and communicate a vision that inspires and motivates staff and aligns with the IT and business strategy
- Effective influencing and negotiation skills and the ability to build consensus in complex environments where resources required for success may not be in direct control of this role
- Demonstrate collaboration skills across multiple teams including business operating groups, corporate departments and other IT teams
- Excellent analytical, strategic conceptual thinking, strategic planning, and execution skills
- Strong business acumen, including industry, domain-specific knowledge of the enterprise and its business units
- Developing staff including coaching, mentoring and performance management
- Deep understanding of current and emerging security technologies and practices, and how other enterprises are employing them
- Strong awareness of current and changing regulatory landscape
- Maintain awareness of emerging threats and incorporate appropriate mitigation measures
- Demonstrated ability to develop and execute a strategic staffing plan that ensures the right people are in the right roles at the right time, and employees are highly engaged and satisfied
- Third-party management, working closely with sourcing and vendor managers
Preferred Certifications:
- Certified Information Systems Security Professional (CISSP)
- Certified Information Security Manager (CISM)
- Certified Information Systems Auditor (CISA)
- Certified in Risk and Information Systems Control (CRISC) or other similar credentials
Required Technology and Vendor Experience:
- Security services - SaaS on-premises, Managed Security Service Providers
- NIST 800-CSF
- NIST 800-53
- Cloud & Network architecture
- Identity and access management
- Business continuity & disaster recovery
- Data management, classification and privacy
- Artificial Intelligence
- Microsoft & AWS
Optional Vendor Experience:
- Google & Cisco
Summary of Benefits:
This role is eligible for the following benefits: medical, dental, vision, 401(k) with company matching, Employee Stock Ownership Program (ESOP), individual stock ownership, paid vacation, paid sick leave, paid holidays, bereavement leave, employee assistance program, pre-tax flexible spending accounts, basic term life insurance and AD&D, business travel accident insurance, short and long term disability, financial wellness coaching, educational assistance, Care.com membership, ClassPass fitness membership, and DashPass delivery membership. Voluntary benefits include additional term life insurance, long term care insurance, critical illness and accidental injury insurance, pet insurance, legal plan, identity theft protection, and other voluntary benefit options.
Anticipated Job Application Deadline:
04/24/2026
Compensation Range:
$200,000.00 - $225,000.00 Annual Salary
Job Description Summary:
The Director of Security and Compliance leads the design and oversight of cybersecurity, compliance, and privacy programs that safeguard the organization’s digital assets and data while ensuring adherence to regulatory requirements, contractual obligations, and internal policies. This position reports to the VP of IT Operations / Chief Information Security Officer.
Job Description:
Position Responsibilities and Duties:
Risk Management:
- Set the mission, vision, and strategy for technology risk management including cybersecurity, compliance and privacy organization. Implementing appropriate risk management and mitigation efforts while ensuring the success of business and IT initiatives, ensuring alignment with business objectives and product priorities.
Communication & Executive Engagement:
- Demonstrate exceptional communication and presentation skills, effectively conveying complex technical and compliance concepts to critical stakeholders, including senior managers and the executive leadership team, to support informed decision‑making.
Stakeholder & Relationship Management:
- Build successful stakeholder relationships with other IT, enterprise risk managers and key business stakeholders by developing a clear understanding of business needs, acting as a trusted advisor, and ensuring cost-effective delivery of security services to meet those needs.
Security Architecture & Operations:
- Direct enterprise-wide security architecture and operations across IT and OT environments, ensuring secure design, deployment, and ongoing protection of infrastructure, applications, and data systems.
Regulatory Compliance & Reporting:
- Ensure compliance with all relevant cybersecurity, compliance and privacy regulations. As part of a strategic enterprise risk management program, conduct compliance assessments and provide regular status reports to risk management teams and senior business leaders including relevant metrics, key performance and risk indicators.
Privacy Program Leadership:
- Lead cross-functional Privacy Team to develop and implement a comprehensive enterprise-wide data and personnel privacy program. Maintain current policies, facilitate publication and communication, and ensure all employees receive required privacy training.
Budget & Financial Management:
- Develop and control the annual department budget to ensure that it's consistent with the overall strategic objectives of IT and the enterprise and is within plan.
Security Culture & Awareness:
- Foster an enterprise security culture by embedding compliance and risk management practices into daily business operations.
- Lead organization-wide training and awareness initiatives that enable informed cybersecurity decision-making across all functions and levels.
Risk Assessment, Business Continuity & Incident Response:
- Conduct comprehensive enterprise risk assessments and develop strategies that strengthen business continuity, disaster recovery, and incident response capabilities.
- Build, train, and coordinate cross-functional incident response teams across security, IT, business partners, and executive leadership to ensure effective crisis response and business protection.
Data Retention & Archiving Compliance:
- Ensure digital and paper archiving (warehouse) systems are complying with corporate data retention policies.
- Collaborate with Product Managers to ensure they understand policies and their products and services are aligned.
Team Leadership & Development:
- Build and lead a high performing team.
- Work collaboratively with direct reports to support their career progression, nurture their development and to help them realize their potential.
- Have a documented succession plan for critical functions.
- Develop and actively participate in peer network groups. Stay up on trends and share lessons learned.
Vendor & Third-Party Management:
- Lead vendor management and negotiations with security service providers.
- Establish strong vendor relationships ensuring vendors understand and share our focus on security and are capable of meeting requirements.
Minimum Skills and Experience:
- Bachelor’s or Master’s degree in business administration or technology related field
- 15 or more years of experience in IT Operations, cybersecurity or business/industry
- 7 or more years of leadership responsibilities, including strategy, budgeting, and staffing
- 3 or more years of leadership responsibilities of an auditable compliance program (ex: NIST 800-171, CMMC, ISO 2700x, SOC 2, NERC-CIP, etc.)
- Exceptional leadership skills, with the ability to develop and communicate a vision that inspires and motivates staff and aligns with the IT and business strategy
- Effective influencing and negotiation skills and the ability to build consensus in complex environments where resources required for success may not be in direct control of this role
- Demonstrate collaboration skills across multiple teams including business operating groups, corporate departments and other IT teams
- Excellent analytical, strategic conceptual thinking, strategic planning, and execution skills
- Strong business acumen, including industry, domain-specific knowledge of the enterprise and its business units
- Developing staff including coaching, mentoring and performance management
- Deep understanding of current and emerging security technologies and practices, and how other enterprises are employing them
- Strong awareness of current and changing regulatory landscape
- Maintain awareness of emerging threats and incorporate appropriate mitigation measures
- Demonstrated ability to develop and execute a strategic staffing plan that ensures the right people are in the right roles at the right time, and employees are highly engaged and satisfied
- Third-party management, working closely with sourcing and vendor managers
Preferred Certifications:
- Certified Information Systems Security Professional (CISSP)
- Certified Information Security Manager (CISM)
- Certified Information Systems Auditor (CISA)
- Certified in Risk and Information Systems Control (CRISC) or other similar credentials
Required Technology and Vendor Experience:
- Security services - SaaS on-premises, Managed Security Service Providers
- NIST 800-CSF
- NIST 800-53
- Cloud & Network architecture
- Identity and access management
- Business continuity & disaster recovery
- Data management, classification and privacy
- Artificial Intelligence
- Microsoft & AWS
Optional Vendor Experience:
- Google & Cisco
Summary of Benefits:
This role is eligible for the following benefits: medical, dental, vision, 401(k) with company matching, Employee Stock Ownership Program (ESOP), individual stock ownership, paid vacation, paid sick leave, paid holidays, bereavement leave, employee assistance program, pre-tax flexible spending accounts, basic term life insurance and AD&D, business travel accident insurance, short and long term disability, financial wellness coaching, educational assistance, Care.com membership, ClassPass fitness membership, and DashPass delivery membership. Voluntary benefits include additional term life insurance, long term care insurance, critical illness and accidental injury insurance, pet insurance, legal plan, identity theft protection, and other voluntary benefit options.
Anticipated Job Application Deadline:
04/24/2026
See all 183+ Security And Compliance jobs
Sign up for free to unlock all listings, filter by visa type, and get alerts for new Security And Compliance roles.
Get Access To All JobsTips for Finding Security And Compliance Jobs
Lead with your certifications
CISSP, CISA, CISM, and SOC 2 expertise are hiring signals that compliance teams recognize immediately. Listing these prominently on your resume tells employers you can contribute from day one, which makes sponsorship a far easier conversation to start.
Target regulated industries first
Financial services, healthcare, and government contractors face the strictest compliance mandates and the most persistent talent shortages. These employers sponsor more consistently than generalist tech companies because qualified candidates are genuinely hard to find domestically.
Understand the specialty occupation bar
H-1B approval for security and compliance roles depends on demonstrating the position requires a specific bachelor's degree or higher. Roles tied to frameworks like NIST, ISO 27001, or HIPAA compliance have a stronger track record meeting this standard than generalist security titles.
Frame your degree connection clearly
USCIS scrutinizes whether your degree field directly relates to the role. Information systems, computer science, cybersecurity, and accounting degrees map well to most compliance positions. If your degree is adjacent, document how your coursework and experience bridge the gap.
Prioritize employers with existing LCA filings
Companies that have sponsored security and compliance roles before understand the process and face fewer internal obstacles. Searching for employers with a documented history of filing Labor Condition Applications for similar titles is one of the most practical filtering strategies available.
Use Migrate Mate to find sponsor-ready roles
Not every security and compliance job posting signals sponsorship willingness clearly. Migrate Mate filters for employers actively open to visa sponsorship, saving you from applying to roles where the conversation will stall before it starts.
Security And Compliance jobs are hiring across the US. Find yours.
Find Security And Compliance JobsFrequently Asked Questions
Do security and compliance roles qualify for H-1B visa sponsorship?
Most do, but approval depends on how the position is defined. Roles tied to specific technical frameworks, regulatory standards, or specialized tools, such as a Compliance Analyst implementing HIPAA controls or a Security Engineer working with SIEM platforms, qualify more reliably than broadly scoped titles. The position must require a specific bachelor's degree field, not just any degree.
What degree do I need for an employer to sponsor my H-1B in security or compliance?
Cybersecurity, information systems, computer science, accounting, and finance degrees map cleanly to most roles in this field. USCIS requires the degree to relate directly to the job duties, so a cybersecurity degree for a security analyst role is straightforward. An unrelated degree can still work if supported by transcripts showing relevant coursework and documented professional experience.
Which industries hire the most sponsored security and compliance professionals?
Financial services, healthcare, insurance, and defense contracting are the heaviest sponsors. These industries operate under strict regulatory regimes, FINRA, SEC, HIPAA, and FedRAMP, and face real shortages of qualified compliance talent. Enterprise software companies and cloud providers also sponsor at scale for security engineering and governance roles. Browse current openings by industry on Migrate Mate.
Can I get an O-1A visa for a security or compliance role?
It's possible but requires substantial evidence of distinction in the field. Published research, conference speaking, recognized contributions to security standards, or senior advisory roles at prominent organizations can support an O-1A case. This visa suits principal security architects or compliance leads with an established professional profile rather than earlier-career specialists. An immigration attorney can assess whether your background clears the bar.
How do I identify which compliance and security employers actually sponsor visas?
The most reliable signal is an employer's history of filing Labor Condition Applications for similar roles. Larger financial institutions, healthcare systems, and publicly traded tech companies tend to have established sponsorship programs. Migrate Mate surfaces security and compliance positions from employers who are actively open to sponsorship, removing the guesswork from your job search.
What is the prevailing wage requirement for sponsored Security And Compliance jobs?
U.S. employers sponsoring a visa must pay at least the prevailing wage, which is what workers in the same role, area, and experience level typically earn. The Department of Labor sets this rate to make sure companies aren't hiring foreign workers simply because they'd accept lower pay than a U.S. worker. It varies by job title, location, and experience. You can look up current prevailing wage rates for any occupation and location using the OFLC Wage Search page.
See which Security And Compliance employers are hiring and sponsoring visas right now.
Search Security And Compliance Jobs