Senior Security Compliance Advisor
Technology Recruiting Services
Job Details
Full-time
Full Job Description
About the Company
Our client is a leading cybersecurity and compliance services provider, specializing in helping startups navigate their security and regulatory needs. They aim to provide top-tier security solutions, allowing their clients to focus on growing their businesses. The company values integrity, innovation, and building strong relationships with clients.
Job Description
We are seeking a Security Compliance Manager to work directly with our clients, primarily startups, to establish and maintain robust security and compliance programs. The ideal candidate will have a strong background in cybersecurity and experience with various compliance frameworks, particularly SOC 2 and ISO 27001.
Key Responsibilities
- Serve as the primary point of contact for clients, guiding them through security and compliance initiatives
- Implement and maintain cybersecurity programs that meet SOC 2, ISO 27001, and other relevant frameworks
- Manage day-to-day compliance, security, and privacy tasks, including:
  - Building and maintaining security policies and standard operating procedures (SOPs)
  - Implementing and managing Governance, Risk, and Compliance (GRC) environments (e.g., Drata, Vanta, Tugboat)
  - Conducting vendor reviews and responding to security questionnaires
  - Assisting with incident response planning and execution
  - Managing penetration testing and vulnerability scanning processes
  - Leading audit management processes for various compliance certifications
- Prepare and facilitate client meetings to keep stakeholders updated
- Contribute to and maintain the company's security content library
- Complete core competency trainings to develop skills as a security leader
- Stay current with cybersecurity trends and emerging risks
This role offers an exciting opportunity to work with innovative startups, helping them build secure foundations for growth. You'll have the chance to work with a variety of clients, constantly improve security and compliance programs, and contribute to building a resource library that benefits multiple customers. If you're passionate about cybersecurity, enjoy a fast-paced, dynamic environment, and want to make a significant impact in the startup ecosystem, we want to hear from you.
Requirements
- 3+ years of experience in IT audit, cybersecurity, risk management, or information security
- In-depth knowledge of SOC 2 and ISO 27001 frameworks; familiarity with other compliance standards is a plus
- Strong understanding of cloud security principles, especially in AWS and GCP environments
- Excellent project management and communication skills
- AWS Cloud Practitioner certification (or ability to obtain within 3 months)
- Proactive, assertive, and positive attitude with the ability to work in a fast-paced environment
Preferred Qualifications
- Experience in a consulting role, serving multiple clients simultaneously
- Familiarity with startup environments and their unique security challenges
- Additional certifications in cybersecurity or compliance fields