Security and Compliance Manager

Our client is looking for a Security and Compliance Manager, who will play a crucial role in ensuring the security and compliance of their product and processes, collaborating with experienced team members across the world.

It's a full-time strategic role entrusted with tasks supporting (by coordinating, controlling, and managing) the ICA Product Compliance System and reporting directly to the Information Security Manager ICA.  

Requirements

• 3+ years of experience in a similar role

• Fluent in English (at least Upper-Intermediate level both written and spoken)

• Holder of a certificate with an accredited association (CISM, CISSP, Certified ISO 27001 Lead Auditor, ISO 27001 Lead Implementer, etc.)

• Bachelor’s degree in computer science, Information Technology, Information Security, Economics, or a similar field

• Knowledge of Integrated Management Systems, including evaluation and reporting

• Understanding of internal controlling system definition and implementation

• Skilled in balancing business needs with resource constraints

• Strong prioritization and adherence to deadlines

• Excellent communication and interpersonal skills

• Analytical and detail-oriented mindset

• Leadership abilities

Responsibilities

• Ensure product and process security and compliance, providing evidence to regulatory officers.

• Periodically assess and adjust product security measures as needed.

• Establish and maintain engineering security practices.

• Propose changes to policies and procedures for operational efficiency and regulatory compliance.

• Develop and facilitate team security education programs.

• Manage production security issues and incidents, participating in problem and change management forums.

• Facilitate creation and modification of technology compliance policies.

• Manage compliance processes for SOC2, HIPAA, PCI, and ISO27001/27701/27017 compliance programs.

• Ensure company compliance with data privacy regulations (GDPR, CCPA).

• Collect and provide compliance evidence.

• Collaborate with the CDO team to ensure proper workstation security.

• Identify CDO compliance control gaps and implement appropriate changes.

• Define and measure KPIs for security and compliance.

• Develop and maintain the Information Security Management System.

• Create a risk assessment framework and periodically assess company security risks.

• Provide technical advice and insight on compliance requirements to our leaders.

• Confer with senior CDO and business leaders regarding information security risks.

• Act as a corporate advocate for information security and business continuity best practices.

• Assist asset owners and staff in understanding and responding to security audit failures reported by auditors.

• Manage third-party Security Operations Center either directly, or support investigation of reports directed by it.

• Facilitate changes to server infrastructure and application code to meet security and compliance requirements.

We offer

• Competitive compensation, based on experience

• A culture dedicated to professional growth, with continuing education enrichment

• Possibility to work remotely 

• An open, transparent and fun work culture

• Career and professional growth

• Long-term employment with paid vacation