Jobgether is seeking a Security Compliance Manager to lead ISO 27001 and SOC 2 certification readiness, manage the Information Security Management System, and oversee audit evidence collection and risk management.
Job Description
This position is posted by Jobgether on behalf of a partner company. We are currently looking for a Security Compliance Manager in the United States.
This role is central to ensuring that security compliance, audit readiness, and risk governance programs are effectively designed, executed, and continuously improved within a fast-scaling, regulated environment. You will act as the key driver of certification and compliance efforts, including ISO 27001 and SOC 2, ensuring the organization remains audit-ready at all times. The position requires close collaboration with engineering, security, and operations teams to translate compliance requirements into actionable workflows and measurable controls. You will also play a critical role in strengthening the information security management system, improving risk management practices, and supporting customer and regulatory trust. Operating in a fully remote environment, this role blends strategic oversight with hands-on execution. It is ideal for a compliance professional who thrives in structured yet evolving security programs.
Accountabilities
- Lead ISO 27001 and SOC 2 certification readiness, including audit preparation, control implementation, surveillance audits, and ongoing compliance maintenance.
- Manage and operate the Information Security Management System (ISMS), ensuring controls are reviewed, effective, and continuously improved across the organization.
- Oversee audit evidence collection, documentation, and response processes for internal and external security audits.
- Develop, maintain, and enhance the information security risk management program, including risk registers, ownership structures, and remediation tracking.
- Partner with Security leadership to define, monitor, and report key risk and performance metrics (KRIs/KPIs).
- Translate security and compliance requirements into clear, actionable tasks for Engineering, IT, and Operations teams, including ownership and acceptance criteria.
- Coordinate cross-functional compliance efforts, including policy updates, control validation, and alignment with regulatory and customer requirements.
- 5+ years of experience in information security within a regulated environment (e.g., HIPAA, GLBA, PCI).
- Proven experience leading ISO 27001 and/or SOC 2 certification processes, including audit preparation and ongoing compliance management.
- Strong understanding of security domains such as access control, incident response, vulnerability management, BCDR, and secure SDLC.
- Experience performing risk assessments and gap analyses, with the ability to translate findings into actionable remediation plans.
- Ability to convert compliance requirements into structured engineering and operational work (tickets, workflows, ownership models).
- Strong written and verbal communication skills, with experience producing audit-ready documentation and engaging with auditors.
- Familiarity with cloud environments (AWS, GCP, or Azure) and modern software development practices is highly desirable.
- Relevant certifications such as CISA, CISM, or CISSP are a plus.
- Competitive annual salary ranging from $130,000 to $160,000
- Performance-based incentives and eligibility for bonus programs
- Comprehensive medical, dental, and vision insurance starting on day one
- 401(k) retirement plan with employer match
- Fully remote work environment across the United States
- Opportunity to work on high-impact security compliance programs in a regulated industry
- Exposure to global-scale audit and certification frameworks (ISO 27001, SOC 2)
- Inclusive and collaborative work culture with a strong focus on security excellence.
Why Apply Through Jobgether?
We use an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements. Our system identifies the top-fitting candidates, and this shortlist is then shared directly with the hiring company. The final decision and next steps (interviews, assessments) are managed by their internal team.
We appreciate your interest and wish you the best!
Data Privacy Notice: By submitting your application, you acknowledge that Jobgether will process your personal data to evaluate your candidacy and share relevant information with the hiring employer. This processing is based on legitimate interest and pre-contractual measures under applicable data protection laws (including GDPR). You may exercise your rights (access, rectification, erasure, objection) at any time.
We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.