Director of Audit and Compliance - Data Centers

Serverfarm is a leading developer and operator of data centers with over 750+ locations and key customer relationships in 45 countries. We're revolutionizing how data centers operate across North America, Western Europe, and Israel, serving the world's leading technology and hyperscale companies. With Manulife Investment Management's acquisition in 2023 and our award-winning InCommand platform we're positioned for explosive growth as AI adoption and cloud migration drive unprecedented demand for data center capacity.

A career at Serverfarm means being at the forefront of digital infrastructure innovation, where your work directly impacts how the world's data is managed and secured. As we target 4x growth over the next four years, you'll have unprecedented opportunities to take on new challenges, develop cutting-edge skills, and grow your career across our expanding global operations.

Join our team of innovators and help shape the future of sustainable data centers while building a career without boundaries.

The Role

The Director of Internal Audit position is a hands-on leadership role that requires deep expertise in regulatory compliance across a series of standards. This includes SOC, PCI, ISO and others. You will work closely and cross-functionally with our internal and external legal teams, risk, operations, and Executive leadership teams to develop and maintain a robust compliance program that supports business growth while mitigating risks.

• Ensure adherence to all relevant regulatory and client-mandated compliance requirements across North American jurisdictions, including datacenter-specific standards, IT/Security, energy efficiency, and federal/state considerations.
• Ensure we meet compliance obligations stipulated within client contracts.
• Develop and implement operational compliance strategies to identify, assess, and mitigate risks.
• Oversee and participate in internal and external compliance audits, risk assessments, and internal control reviews, ensuring timely reporting to key stakeholders.
• Act as a key compliance representative in client engagements, addressing compliance-related inquiries, due diligence processes, and contractual obligations.
• Partner with legal, operations, and risk teams to embed compliance best practices into daily operations.
• Lead compliance training initiatives to educate teams on regulatory obligations, ethical standards, and best practices.
• Develop response strategies for compliance breaches, ensuring prompt investigation, remediation, and reporting.
• Act as a key liaison with regulators, auditors, and internal leadership, ensuring transparency and adherence to regulatory requirements.

• 8+ years of experience in regulatory compliance, operational risk management, or a related field, with at least 3+ years leading a compliance function, team, or department.
• Expertise in industry accreditations and frameworks (preferably datacenter or IT-related), including: ISO (International Organization for Standardization), SOC (System and Organization Controls), PCI DSS (Payment Card Industry Data Security Standard), HIPAA (Health Insurance Portability and Accountability Act)
• Experience managing compliance audits and regulatory examinations.
• Proven ability to develop and implement compliance frameworks that align with business operations.
• Strong client engagement skills, with the ability to communicate compliance requirements effectively.
• Excellent analytical, communication, and leadership skills.

• NIS (Network and Information Systems Directive), DORA (Digital Operational Resilience Act) advantageous.
• Bachelor’s degree in Business, Law, Finance, or a related field (Master's degree or relevant certifications preferred).

The listed salary range for this position is an estimate based on the competitive job market. Final compensation will be based on your own individual skills, experience, and location.

The above statements are intended to describe the general nature and level of work being performed in this role. They are not intended to serve as an exhaustive list of all possible responsibilities and duties. We encourage you to apply even if your experience isn't an exact match to the job description.