Security Compliance Manager

We are looking for a highly motivated Security Compliance Consultant with a deep security and compliance background, to lead system development and process improvement for a next-gen, AI driven organization.

In this role, you will oversee the execution of their Information Security program for evaluating compliance with industry standards (ISO, SOC), federal regulations, and customer contractual requirements.

Responsibilities:

• Manage external and internal audits, including reviewing materials that require attention for accuracy and properly adhering to regulatory expectations
• Work with Engineering and Product teams to identify process improvements and efficiencies in areas of change management, access management and general technology process controls
• Provide compliance, risk, and controls expertise to support information security and compliance initiatives
• Manage external security, privacy, and compliance requirements
• Serve as a subject matter expert for information security principles and practices

Requirements:

• Experience related to conducting risk-based assessment for information systems and/or operations
• Experience leading industry standard (ISO 27001 or SOC 1/2) audits from either side
• Thorough understanding of vulnerability management, penetration testing, and attack simulations
• Strong knowledge of applicable privacy laws
• Ability to translate security/compliance requirements into actionable work for Engineering/IT/Operations