Lead the design, implementation, and continuous improvement of the company’s information security and compliance programs
Maintain and manage the company’s annual SOC 2 Type II audit lifecycle; prepare for potential future audits such as ISO 27001
Define and maintain information security policies, standards, and practices across the organization
Act as the security and compliance subject matter expert in pre-sales and customer discussions, helping to build trust and influence client decisions
Partner closely with product, engineering, support, and sales teams to integrate secure development and operational practices
Identify security risks, drive remediation efforts, and maintain a comprehensive risk management program
Evaluate, implement, and manage security tools and processes, ensuring alignment with business objectives and compliance requirements
Report on security posture, metrics, and audit readiness to executive leadership and customers
Coordinate and influence engineers and other staff across business units to achieve compliance and security objectives, despite not having direct reporting lines
Requirements
Your profile:
7+ years of experience in information security, with a strong focus on compliance and risk management in the technology or fintech sectors
Proven experience leading security programs and compliance efforts (e.g., SOC 2, ISO 27001, GDPR)
Strong technical understanding of modern software development practices, DevOps, cloud infrastructure (e.g., AWS, Azure), and SaaS operations
Exceptional written and verbal communication skills, with the ability to convey complex security topics to non-technical stakeholders and influence sales outcomes
Experience engaging with external auditors, regulators, and enterprise customers
Comfortable working independently in a fast-paced, resource-constrained environment
Adept at building cross-functional relationships and leading through influence
Familiarity with security tools such as identity and access management, vulnerability scanners, endpoint protection, and secure SDLC processes