Senior Information Security Officer/Engineer

Senior Information Security Officer/Engineer

About The Role

We are seeking a Senior Information Security Engineer who will be the custodian of our compliance and security posture. You will own ISO 27001 and SOC 2 frameworks, run audits, manage risk assessments, and work closely with product, engineering, and enterprise clients to ensure DoubleTick is secure by design.

If you’re someone who thrives on audits, ISMS frameworks, cloud security, and customer trust-building, this role is for you.

Key Responsibilities

• Maintain and manage DoubleTick’s ISMS framework (ISO 27001 & SOC 2)
• Lead and coordinate internal and external compliance audits
• Manage policy renewals, updates, and documentation
• Face customer/vendor security assessments and respond to questionnaires
• Collaborate with engineering teams to close compliance gaps
• Conduct risk assessments and ensure appropriate controls are in place
• Build security awareness and training programs for employees
• Monitor and improve security KPIs and compliance dashboards
• Stay ahead of regulatory requirements and industry frameworks

Required Skills

• Deep expertise in ISO 27001, SOC 2, and ISMS (4–6 years)
• Strong exposure to AWS, Google Cloud, and Azure (public cloud security best practices)
• Experience leading end-to-end compliance audits (internal & external)
• Hands-on experience with ISMS lifecycle management
• Ability to respond to customer third-party risk assessments and security RFPs
• Skilled at writing & maintaining InfoSec policies and procedures
• Excellent communication skills to bridge the gap between security & business stakeholders
• Experience in a SaaS environment (B2B preferred
• Certifications (mandatory): ISO 27001 Lead Auditor, CISA, CISSPjhh