Security Program Manager

November 25

Apply Now

Receive Emails with Similar Jobs

Oneleet

WebsiteLinkedInAll Job Openings

Compliance • Cybersecurity • SaaS

Oneleet is a security and compliance SaaS platform that helps companies achieve and maintain audit-ready posture for frameworks like SOC 2, ISO 27001, HIPAA and GDPR while delivering real, continuous cybersecurity. The platform unifies controls, policies, evidence collection, and automated security tooling (attack surface monitoring, code scanning, vulnerability management) and pairs automation with expert services such as penetration testing and vCISO to both pass audits and reduce actual risk. Oneleet is designed to integrate with existing developer and cloud stacks and to turn remediation work into documented compliance evidence.

51 - 200 employees

Founded 2022

📋 Compliance

🔒 Cybersecurity

☁️ SaaS

📋 Description

• Conduct initial consultation calls with new clients to assess their current security posture, infrastructure stack, compliance requirements and overall objectives. • Provide guidance and recommendations for improving client security posture • Develop high-level security programs consisting of technical, operational and administrative controls based on industry frameworks and client needs. • Collaborate with clients to customize and refine the security program to match their specific use cases. • Communicate with clients and stakeholders to ensure smooth and efficient security program creation • Liaise with auditors to ensure clients' security programs align with auditors' expectations • Maintain expertise across a range of security frameworks, control types, and technologies including NIST, SOC2, ISO27001, CMMC, AWS, Azure, GCP, Kubernetes, Docker, Terraform, and more. • Provide feedback to Oneleet's engineering team to inform development of integrations, solutions, and products that deliver on client needs. • Be highly technical, learn new technologies quickly, and translate security concepts into implementations. • Partner with internal teams to translate security programs into implementations consisting of policies, procedures, configurations and software integrations.

🎯 Requirements

• 3+ years in an information security role • Broad knowledge of security best practices, frameworks, control types, and relevant technologies. • Ability to understand client infrastructure and map security controls to meet compliance goals. • Strong analytical skills to evaluate environments and determine appropriate safeguards. • Excellent verbal and written communication skills. • Self-driven with the ability to work independently and move fast in a startup environment. • Willingness to go the extra mile to meet tight deadlines and deliver results.

🏖️ Benefits

• Comprehensive health & welless benefits • Competitive comp & equity • Generous PTO, including floating holidays to honor what matters most to you • Flexible, remote work culture • Quarterly off-sites to cool places (Amsterdam, Italy, etc).