Security Compliance Program Manager

🔥 0 minutes ago

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

Yuxi Global powered by Veritas Automata

WebsiteLinkedInAll Job Openings

201 - 500 employees

Yuxi Global (powered by Veritas Automata) is a leading people and technology force multiplier dedicated to empowering businesses in achieving their digital goals since 2005. We specialize in providing comprehensive solutions, including turnkey enterprise-grade application, managed development teams and strategic consulting via our Veritas Automata Services Team, tailored to meet the unique requirements of our clients. We are headquartered in the United States and operate with a robust team of over 150 skilled IT professionals located strategically in North and South America, including the United States, Colombia, Mexico, Brazil, and Costa Rica.

📋 Description

• Supporting the development, implementation, and operationalization of SOC 2, ISO 27001:2022, NIST CSF, and related security procedures for client environments. • Working alongside an existing long-term consultant to transform audit requirements, security controls, documented procedures, evidence collection processes, user-awareness initiatives, and internal-audit findings into sustainable operational practices. • Collaborating closely with client leadership, security stakeholders, HR, Finance, Operations, Engineering, Technology, Business Development, Purchasing, and international business units to advance security maturity and certification readiness.

🎯 Requirements

• 10–16 years of professional experience in cybersecurity, information security, IT audit, GRC, risk management, infrastructure security, security engineering, or related disciplines. • Hands-on experience supporting SOC 2 Type 1 and/or Type 2 audits, including control documentation, evidence collection, auditor interaction, remediation planning, and recurring control operation. • Strong working knowledge of ISO 27001, including ISO 27001:2022 requirements, Annex A controls, internal audits, risk treatment, documented information, and management-system practices. • Experience aligning security programs with frameworks such as NIST CSF, CIS Controls, ISO 31000, ISO 22301, HIPAA, HITRUST, PCI DSS, GDPR, LGPD, or DFARS-related requirements. • Demonstrated ability to create and operationalize policies, procedures, standards, control narratives, process documentation, and evidence-management workflows. • Experience working with cross-functional business and technology stakeholders to obtain audit evidence, drive process adoption, and close control gaps. • Strong understanding of technical security domains, including: Access Control, Identity and Access Management (IAM), Vulnerability Management, Incident Response, Change Management, Logging and Monitoring, Endpoint Security, Network Security, Cloud Security, Business Continuity. • Experience working directly with senior stakeholders and control owners to improve security maturity and track measurable progress. • Practical experience using Jira, Confluence, spreadsheets, dashboards, or GRC platforms to manage audit readiness, KPIs, findings, and remediation plans. • Strong written and verbal communication skills in English.

🏖️ Benefits

• Employees can work remotely