We are hiring an Information Security & Compliance Manager to own data security, IT security controls, and compliance end-to-end.
Key Responsibilities
- Own SOC 2 (Type I & II) compliance end-to-end
- Lead ISO 27001 ISMS and support HIPAA compliance
- Implement and manage security controls (SSO, MFA, IAM, cloud security)
- Own security policies, risk register, audits, and evidence
- Respond to customer security questionnaires & vendor reviews
- Act as the single point of contact for security & compliance
Must Have
- 610 years experience in InfoSec / GRC / Compliance
- Hands-on SOC 2 audit ownership (not support role)
- Practical ISO 27001 experience
- SaaS / product company background
- Experience with Azure AD / IAM / cloud security
Nice to Have
- HIPAA exposure
- Compliance tools (Vanta / Drata / Secureframe)
- Startup or scale-up experience
