Security & Compliance Manager

Our client is the premium provider of Cyber Threat Intelligence globally, looking for a Security Compliance Manager to lead their Governance and Risk team. Handling activities across the business, from security compliance certs and audits, to risk management and vendor management. This role is fully remote - located anywhere in the US.

We are looking for an experienced Security Compliance Manager to be responsible for implementing, monitoring and maintaining effective security controls. This will include engaging in cross-functional collaboration, as well as playing a part in key decision-making.

This role will report to the General Counsel. Please note, this role involves occasional travel within the United States, Europe and Asia.

The ideal candidate will hold experience with the following frameworks:

• SOC 2
• ISO27001
• PCI
• FFIEC
• NIST
• CSF
• GLBA
• CMMC

Key Responsibilities:

• Oversee security audit and governance management: optimize year-round compliance, audit and regulatory efforts.
• Maintain and evolve the integrated cybersecurity controls framework and programs.
• Monitor and report on compliance against the company's policies and standards.
• Facilitate governance and track remediation for vulnerabilities and deficiencies and establish and implement resolutions based on risk impact and criticality.
• Execute existing and new compliance initiatives.
• Independently conduct compliance quantitative assessments.
• Maintain a cybersecurity risk register.
• Compile and present compliance posture to senior leadership.

Preferred Skill, Qualifications:

• BS degree in Computer Information Systems or related field.
• Relevant certification (e.g. CISA, CISSP, PCI QSA, AWS certifications) or equivalent expertise.
• Considerable experience with leading security governance, risk & compliance initiatives.
• Experience onboarding and monitoring cybersecurity controls in cloud environments (specifically AWS).
• Experience managing SOC 2, NIST CSF, PCI DSS, SOX ITGC, GLBA or other compliance standards and framework programs.
• Strong knowledge of security risk management and running audits/certification programs.
• Comfortable working in a fast-paced, dynamic & diverse environment, and managing multiple projects concurrently.
• Big 4, or management/IT consulting experience preferred.
• Have knowledge of NIST 800-53/800-37, NIST CSF, SOC 2, PCI, and/or ISO 27001 standards, integrated controls framework, and evaluating design and effectiveness of IT controls working directly with auditors, regulators, investors.
• Experience defining compliance roadmaps based on customer requirements, compliance documentation, and ensuring that committed assessments are delivered on schedule.