Contract Cybersecurity Technical Writer (Remote)
Job Description:
Job Summary:
We are seeking a Technical Writer with a strong compliance background to lead the drafting and documentation of policies, procedures, and technical controls related to GLBA (Gramm-Leach-Bliley Act) and the FTC Safeguards Rule. This role bridges the gap between security/compliance leadership and operational execution, ensuring that required policies are written clearly and accurately and align with regulatory expectations and internal standards.
You'll work closely with compliance, cybersecurity, and IT operations teams to ensure the organization is audit-ready, policy-aligned, and control-driven.
Key Responsibilities:
- Draft, revise, and maintain policies, procedures, and standards to support GLBA and FTC Safeguards Rule compliance.
- Work with stakeholders to document and enforce security controls (e.g., access control, encryption, MFA, vendor due diligence, incident response).
- Develop and maintain a compliance documentation framework, including risk assessments, annual board reports, and training records.
- Map policies to specific controls and ensure the language is clear from legal, technical, and operational standpoints.
- Assist in preparing documentation for third-party audits and regulatory reviews.
- Track updates in regulatory requirements and ensure documentation reflects current standards.
- Create process flows, diagrams, and technical summaries where appropriate to support understanding and execution.
Required Qualifications:
- 3+ years of experience in technical writing or compliance documentation, ideally in a financial services or cybersecurity setting.
- Deep familiarity with GLBA, FTC Safeguards Rule, and NIST-based control frameworks.
- Ability to translate complex technical concepts and legal/compliance requirements into accessible documentation.
- Strong understanding of technical controls (e.g., encryption, network security, monitoring, access management).
- Experience working with cross-functional teams (security, legal, IT, HR, operations).
- Excellent written and verbal communication skills; strong organizational skills.
Preferred Qualifications:
- Experience working in or supporting a financial institution, fintech company, or MSP with regulated clients.
- Working knowledge of control frameworks like NIST 800-53, ISO 27001, or COBIT.
- Familiarity with GRC platforms or policy lifecycle management tools.
- Certifications such as CISA, CRISC, CISSP, or CIPM are a plus.