Security Compliance Manager in United States at Jobgether
Job Description
This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a Security Compliance Manager based in the United States.
This role is a key driver of security compliance maturity within a fast-growing, highly regulated SaaS environment supporting clinical research operations at global scale. You will own and evolve certification readiness efforts, ensuring continuous alignment with frameworks such as ISO 27001 and SOC 2 while maintaining an audit-ready posture across the organization. The position bridges security, engineering, and operations by translating compliance requirements into clear, actionable controls and workflows. You will play a central role in strengthening risk management practices, improving evidence collection processes, and supporting both internal and external audits. This is a highly cross-functional role requiring strong communication, structure, and the ability to influence across technical and non-technical teams. You will also help shape scalable compliance processes that support long-term growth in regulated environments. The work environment is remote-first, collaborative, and focused on building trust in secure, compliant systems at scale.
Responsibilities:
- Lead and maintain security certification programs including ISO 27001 and SOC 2, ensuring continuous audit readiness, surveillance support, and compliance with evolving requirements.
- Operate and improve the Information Security Management System (ISMS), including control reviews, remediation tracking, and ongoing effectiveness monitoring across security domains.
- Manage audit readiness activities by coordinating evidence collection, maintaining audit artifacts, and responding to internal and external auditor requests.
- Drive enterprise risk management activities, including maintaining the risk register, assessing security risks, and tracking remediation plans through to closure.
- Partner with Security leadership to define, track, and report key risk and performance indicators (KRIs/KPIs) and support customer security assessments and questionnaires.
- Oversee updates to security policies and procedures to ensure alignment with certification, regulatory, and business requirements.
- Collaborate cross-functionally to translate compliance requirements into actionable tasks, ownership structures, and measurable control outcomes.
Requirements:
- 5+ years of experience in information security, compliance, or risk management roles within regulated environments (e.g., HIPAA, GLBA, PCI).
- Proven hands-on experience leading ISO 27001 and/or SOC 2 certification and ongoing compliance maintenance.
- Strong knowledge of security frameworks, control design, and audit processes, including risk assessment and gap analysis methodologies.
- Ability to map compliance requirements to operational execution across domains such as access control, incident response, vulnerability management, and secure SDLC.
- Experience working with cloud environments (AWS, Azure, or GCP) and modern software delivery pipelines (CI/CD, Agile).
- Strong documentation and communication skills, with the ability to produce audit-ready materials and engage stakeholders at all levels.
- Relevant certifications such as CISA, CISM, or CISSP are strongly preferred.
Benefits:
- Competitive base salary range: $140,000 – $170,000 USD per year
- Remote-first work environment with flexible scheduling
- Comprehensive health, dental, and vision insurance coverage
- Paid time off and holidays, with additional flexibility depending on tenure
- Retirement savings plan (401k)
- Life, short-term, and long-term disability insurance
- Professional development support and opportunities for certification growth
- Exposure to high-impact security programs in a regulated, global environment