This position is posted by Jobgether on behalf of a partner company. We are currently looking for a Security Compliance Manager in United States.

This role is central to ensuring that security compliance, audit readiness, and risk governance programs are effectively designed, executed, and continuously improved within a fast-scaling, regulated environment. You will act as the key driver of certification and compliance efforts, including ISO 27001 and SOC 2, ensuring the organization remains audit-ready at all times. The position requires close collaboration with engineering, security, and operations teams to translate compliance requirements into actionable workflows and measurable controls. You will also play a critical role in strengthening the information security management system, improving risk management practices, and supporting customer and regulatory trust. Operating in a fully remote environment, this role blends strategic oversight with hands-on execution. It is ideal for a compliance professional who thrives in structured yet evolving security programs.

Accountabilities:

Lead ISO 27001 and SOC 2 certification readiness, including audit preparation, control implementation, surveillance audits, and ongoing compliance maintenance.
Manage and operate the Information Security Management System (ISMS), ensuring controls are reviewed, effective, and continuously improved across the organization.
Oversee audit evidence collection, documentation, and response processes for internal and external security audits.
Develop, maintain, and enhance the information security risk management program, including risk registers, ownership structures, and remediation tracking.
Partner with Security leadership to define, monitor, and report key risk and performance metrics (KRIs/KPIs).
Translate security and compliance requirements into clear, actionable tasks for Engineering, IT, and Operations teams, including ownership and acceptance criteria.
Coordinate cross-functional compliance efforts, including policy updates, control validation, and alignment with regulatory and customer requirements.

Requirements:

5+ years of experience in information security within a regulated environment (e.g., HIPAA, GLBA, PCI).
Proven experience leading ISO 27001 and/or SOC 2 certification processes, including audit preparation and ongoing compliance management.
Strong understanding of security domains such as access control, incident response, vulnerability management, BCDR, and secure SDLC.
Experience performing risk assessments and gap analyses, with the ability to translate findings into actionable remediation plans.
Ability to convert compliance requirements into structured engineering and operational work (tickets, workflows, ownership models).
Strong written and verbal communication skills, with experience producing audit-ready documentation and engaging with auditors.
Familiarity with cloud environments (AWS, GCP, or Azure) and modern software development practices is highly desirable.
Relevant certifications such as CISA, CISM, or CISSP are a plus.

Benefits:

Competitive annual salary ranging from $130,000 to $160,000
Performance-based incentives and eligibility for bonus programs
Comprehensive medical, dental, and vision insurance starting on day one
401(k) retirement plan with employer match
Fully remote work environment across the United States
Opportunity to work on high-impact security compliance programs in a regulated industry
Exposure to global-scale audit and certification frameworks (ISO 27001, SOC 2)
Inclusive and collaborative work culture with a strong focus on security excellence.

How Jobgether works:

We use an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements. Our system identifies the top-fitting candidates, and this shortlist is then shared directly with the hiring company. The final decision and next steps (interviews, assessments) are managed by their internal team.

We appreciate your interest and wish you the best!

Why Apply Through Jobgether?

Data Privacy Notice: By submitting your application, you acknowledge that Jobgether will process your personal data to evaluate your candidacy and share relevant information with the hiring employer. This processing is based on legitimate interest and pre-contractual measures under applicable data protection laws (including GDPR). You may exercise your rights (access, rectification, erasure, objection) at any time.

#LI-CL1

Security Compliance Manager

Accountabilities:

Job Details

Tools & Tech