Job Description
Team: IT
This position is posted by Jobgether on behalf of a partner company. We are currently looking for a Security Compliance Manager in United States.
This role is central to ensuring that security compliance, audit readiness, and risk governance programs are effectively designed, executed, and continuously improved within a fast-scaling, regulated environment. You will act as the key driver of certification and compliance efforts, including ISO 27001 and SOC 2, ensuring the organization remains audit-ready at all times. The position requires close collaboration with engineering, security, and operations teams to translate compliance requirements into actionable workflows and measurable controls. You will also play a critical role in strengthening the information security management system, improving risk management practices, and supporting customer and regulatory trust. Operating in a fully remote environment, this role blends strategic oversight with hands-on execution. It is ideal for a compliance professional who thrives in structured yet evolving security programs.
Accountabilities:
- Lead ISO 27001 and SOC 2 certification readiness, including audit preparation, control implementation, surveillance audits, and ongoing compliance maintenance.
- Manage and operate the Information Security Management System (ISMS), ensuring controls are reviewed, effective, and continuously improved across the organization.
- Oversee audit evidence collection, documentation, and response processes for internal and external security audits.
- Develop, maintain, and enhance the information security risk management program, including risk registers, ownership structures, and remediation tracking.
- Partner with Security leadership to define, monitor, and report key risk and performance metrics (KRIs/KPIs).
- Translate security and compliance requirements into clear, actionable tasks for Engineering, IT, and Operations teams, including ownership and acceptance criteria.
- Coordinate cross-functional compliance efforts, including policy updates, control validation, and alignment with regulatory and customer requirements.
- 5+ years of experience in information security within a regulated environment (e.g., HIPAA, GLBA, PCI).
- Proven experience leading ISO 27001 and/or SOC 2 certification processes, including audit preparation and ongoing compliance management.
- Strong understanding of security domains such as access control, incident response, vulnerability management, BCDR, and secure SDLC.
- Experience performing risk assessments and gap analyses, with the ability to translate findings into actionable remediation plans.
- Ability to convert compliance requirements into structured engineering and operational work (tickets, workflows, ownership models).
- Strong written and verbal communication skills, with experience producing audit-ready documentation and engaging with auditors.
- Familiarity with cloud environments (AWS, GCP, or Azure) and modern software development practices is highly desirable.
- Relevant certifications such as CISA, CISM, or CISSP are a plus.
- Competitive annual salary ranging from $130,000 to $160,000
- Performance-based incentives and eligibility for bonus programs
- Comprehensive medical, dental, and vision insurance starting on day one
- 401(k) retirement plan with employer match
- Fully remote work environment across the United States
- Opportunity to work on high-impact security compliance programs in a regulated industry
- Exposure to global-scale audit and certification frameworks (ISO 27001, SOC 2)
- Inclusive and collaborative work culture with a strong focus on security excellence.
Requirements:
Benefits:
Explore More
Date Posted
05/08/2026
Views
0