Security Compliance Manager

Accountabilities

• Lead and maintain security certification programs including ISO 27001 and SOC 2, ensuring continuous audit readiness, surveillance support, and compliance with evolving requirements.
• Operate and improve the Information Security Management System (ISMS), including control reviews, remediation tracking, and ongoing effectiveness monitoring across security domains.
• Manage audit readiness activities by coordinating evidence collection, maintaining audit artifacts, and responding to internal and external auditor requests.
• Drive enterprise risk management activities, including maintaining the risk register, assessing security risks, and tracking remediation plans through to closure.
• Partner with Security leadership to define, track, and report key risk and performance indicators (KRIs/KPIs) and support customer security assessments and questionnaires.
• Oversee updates to security policies and procedures to ensure alignment with certification, regulatory, and business requirements.
• Collaborate cross-functionally to translate compliance requirements into actionable tasks, ownership structures, and measurable control outcomes.

Requirements

• 5+ years of experience in information security, compliance, or risk management roles within regulated environments (e.g., HIPAA, GLBA, PCI).
• Proven hands-on experience leading ISO 27001 and/or SOC 2 certification and ongoing compliance maintenance.
• Strong knowledge of security frameworks, control design, and audit processes, including risk assessment and gap analysis methodologies.
• Ability to map compliance requirements to operational execution across domains such as access control, incident response, vulnerability management, and secure SDLC.
• Experience working with cloud environments (AWS, Azure, or GCP) and modern software delivery pipelines (CI/CD, Agile).
• Strong documentation and communication skills, with the ability to produce audit-ready materials and engage stakeholders at all levels.
• Relevant certifications such as CISA, CISM, or CISSP are strongly preferred.

Benefits

• Competitive base salary range: $140,000 – $170,000 USD per year
• Remote-first work environment with flexible scheduling
• Comprehensive health, dental, and vision insurance coverage
• Paid time off and holidays, with additional flexibility depending on tenure
• Retirement savings plan (401k)
• Life, short-term, and long-term disability insurance
• Professional development support and opportunities for certification growth
• Exposure to high-impact security programs in a regulated, global environment

How Jobgether works: We use an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements. Our system identifies the top-fitting candidates, and this shortlist is then shared directly with the hiring company. The final decision and next steps (interviews, assessments) are managed by their internal team. We appreciate your interest and wish you the best! Why Apply Through Jobgether?

Data Privacy Notice: By submitting your application, you acknowledge that Jobgether will process your personal data to evaluate your candidacy and share relevant information with the hiring employer. This processing is based on legitimate interest and pre-contractual measures under applicable data protection laws (including GDPR). You may exercise your rights (access, rectification, erasure, objection) at any time.

#LI-CL1