Security Compliance Program Manager

Yuxi Global

Posted 1 day ago

Job Description

We are seeking a Security Compliance Program Manager to lead and coordinate cybersecurity compliance initiatives focused on SOC 2, ISO 27001, audit readiness, and security governance.

This is not a highly technical engineering role. The ideal candidate will act as the driving force behind compliance programs, ensuring stakeholders remain aligned, audit activities stay on track, and security initiatives are successfully executed across the organization.

The selected candidate will work closely with the organization's Cybersecurity Subject Matter Expert (SME), supporting the coordination, operationalization, and continuous improvement of security and compliance programs.

Key Responsibilities

  • Manage and coordinate SOC 2 and ISO 27001 compliance initiatives.
  • Drive audit readiness activities, including evidence collection, documentation management, and remediation tracking.
  • Coordinate cross-functional stakeholders and control owners to ensure timely completion of security and compliance requirements.
  • Organize meetings, maintain action-item tracking, and follow up on deliverables and deadlines.
  • Support internal and external audit activities and certification efforts.
  • Track risks, findings, remediation plans, KPIs, and program status reporting.
  • Partner closely with cybersecurity leadership and technical teams to translate compliance requirements into actionable tasks.
  • Help promote security awareness and governance best practices throughout the organization.
  • Maintain compliance documentation, policies, procedures, and evidence repositories.

Qualifications

  • 10+ years of experience in Cybersecurity, IT Audit, GRC, Compliance, Risk Management, or related fields.
  • Experience supporting or managing SOC 2 and/or ISO 27001 programs.
  • Strong Program Management and Project Management skills.
  • Experience coordinating audits, compliance initiatives, and cross-functional stakeholders.
  • Ability to communicate effectively with both technical and non-technical teams.
  • Experience managing action plans, timelines, risks, dependencies, and compliance deliverables.
  • Strong written and verbal English communication skills.
  • Bachelor's degree in Cybersecurity, Information Systems, Computer Science, Business, Risk Management, or related discipline.

Preferred Qualifications

  • Experience with cybersecurity governance and security maturity programs.
  • Experience supporting SOC 2 Type II audits and ISO 27001 certification efforts.
  • Familiarity with NIST CSF, CIS Controls, HIPAA, PCI-DSS, GDPR, or similar frameworks.
  • Experience using Jira, Confluence, Drata, Vanta, AuditBoard, ServiceNow GRC, or similar platforms.
  • Relevant certifications such as CISA, CISM, CISSP, CRISC, ISO 27001 Lead Auditor, or equivalent.

Ideal Candidate

We're looking for a professional who combines:

  • Strong compliance and audit experience.
  • Excellent program management and stakeholder management skills.
  • A solid cybersecurity foundation without needing to be deeply hands-on technically.
  • The ability to drive initiatives, remove blockers, and ensure successful execution across multiple teams.

Core Skills: SOC 2, ISO 27001, Program Management, Audit Coordination, Compliance, Governance, Risk Management, Stakeholder Management, Security Documentation, Jira, Confluence, GRC Tools.

Job details

Workplace

Remote

Location

Medellín, Antioquia, Colombia

Experience

SE

Yuxi Global

About

Yuxi Global powered by Veritas Automata

Key Team Members

Carolina Armijo Ochoa
