Security Compliance Program Manager
Yuxi Global powered by Veritas Automata
Senior security compliance program manager ensuring SOC 2 and ISO 27001 compliance for client environments. Collaborating with various teams to enhance security maturity and certification readiness.
Tech Stack
Tools & technologies
- Cloud
- Cyber Security
About the role
Key responsibilities & impact
- Supporting the development, implementation, and operationalization of SOC 2, ISO 27001:2022, NIST CSF, and related security procedures for client environments.
- Working alongside an existing long-term consultant to transform audit requirements, security controls, documented procedures, evidence collection processes, user-awareness initiatives, and internal-audit findings into sustainable operational practices.
- Collaborating closely with client leadership, security stakeholders, HR, Finance, Operations, Engineering, Technology, Business Development, Purchasing, and international business units to advance security maturity and certification readiness.
Requirements
What you’ll need
- 10–16 years of professional experience in cybersecurity, information security, IT audit, GRC, risk management, infrastructure security, security engineering, or related disciplines.
- Hands-on experience supporting SOC 2 Type 1 and/or Type 2 audits, including control documentation, evidence collection, auditor interaction, remediation planning, and recurring control operation.
- Strong working knowledge of ISO 27001, including ISO 27001:2022 requirements, Annex A controls, internal audits, risk treatment, documented information, and management-system practices.
- Experience aligning security programs with frameworks such as NIST CSF, CIS Controls, ISO 31000, ISO 22301, HIPAA, HITRUST, PCI DSS, GDPR, LGPD, or DFARS-related requirements.
- Demonstrated ability to create and operationalize policies, procedures, standards, control narratives, process documentation, and evidence-management workflows.
- Experience working with cross-functional business and technology stakeholders to obtain audit evidence, drive process adoption, and close control gaps.
- Strong understanding of technical security domains, including: Access Control, Identity and Access Management (IAM), Vulnerability Management, Incident Response, Change Management, Logging and Monitoring, Endpoint Security, Network Security, Cloud Security, Business Continuity.
- Experience working directly with senior stakeholders and control owners to improve security maturity and track measurable progress.
- Practical experience using Jira, Confluence, spreadsheets, dashboards, or GRC platforms to manage audit readiness, KPIs, findings, and remediation plans.
- Strong written and verbal communication skills in English.
Benefits
Comp & perks
- Employees can work remotely
ATS Keywords
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
cybersecurity, information security, IT audit, GRC, risk management, infrastructure security, security engineering, SOC 2 Type 1, SOC 2 Type 2, ISO 27001
Soft Skills
collaboration, communication, policy creation, procedure operationalization, stakeholder engagement, process adoption, control gap closure, evidence management, audit evidence collection, measurable progress tracking
Certifications
SOC 2, ISO 27001:2022, NIST CSF, CIS Controls, ISO 31000, ISO 22301, HIPAA, HITRUST, PCI DSS, GDPR