Security Compliance Manager

Remote

RESPONSIBILITIES:

  • Drive the definition of security control requirements and a unified control framework
  • Has experience working with companies that have very large/complex IT infrastructures
  • Present recommendations, options, opportunities, and assumptions to leadership
  • Drive partner audit events and take part in external certifications, leading preparation, sample delivery, on-site facilitation, and management reaction activities
  • Evaluate the design and effectiveness of IT, Security, and Privacy controls based upon industry standards and regulatory requirements (SOC 2, ISO 27001, NIST Cybersecurity Framework, EU GDPR, etc.)
  • Provide technical and operational support on security compliance for the partner environment
  • Provide recommendations on IT/Security control health
  • Responsible for being part of the ‘front line’ in liaising with Group technology/engineering teams and internal/external auditors on security matters
  • AWS cloud infrastructure environments
  • Facilitate efficient communication across all levels of an assessment to ensure consistency in reaching our compliance goals
  • Lead the creation and implementation of compliance initiatives (such as SOC 2, ISO 27001, etc.), as well as the measures and checks for continuing compliance

QUALIFICATIONS:

  • A minimum of 6 years of job-related experience supporting IT/Security Compliance programs, and auditing within an IT-engineering role.
  • Has the ability to learn quickly, think critically, and can adapt to rapidly changing environments.
  • Has the ability to write and speak clearly
  • Knowledge and familiarity related to administering and securing operating systems, database platforms, endpoint security and network infrastructure is preferred
  • An understanding of Information Security frameworks, processes, technologies, and practices, including NIST and ISO27xxx standards
  • Has expertise creating common controls or assisting with common control frameworks with the intention of testing controls to improve audit efficiency
  • Needs to have strong experience testing controls – knowing how to get the information needed to conduct testing and interpret if the evidence received by a control owner/stakeholder is sufficient for internal assessment and audit purposes
  • Experience conducting and leading IT Audits and/or has served in an IT/Security Audit Readiness function
  • A solid understanding of how to use JIRA and operate an agile program within JIRA
  • Self-starter and can lean-in to support tasks and the overall team
  • Experience using a risk-based audit approach in evaluations of and recommendations for management processes
  • Ability to speak compliance in layman’s terms to those who do not come from the IT/Security compliance world
