Security Compliance & Trust Certifications Lead
Title: Security Compliance & Trust Certifications Lead
Duration: Long term
Location :Remote ,USA(Candidate from California or PST times highly preferred)
(ONLY W2)
Job Description:
Key Responsibilities
Certification Program Ownership
ā¢ Lead end-to-end delivery of SOC 2 Type II and ISO/IEC 27001:2022 certifications
ā¢ Define certification scope, system boundaries, and control applicability
ā¢ Translate business operations and technical environments into audit-ready control narratives
Control Design & Implementation
ā¢ Map existing security and operational controls to SOC 2 and ISO 27001 requirements
ā¢ Identify control gaps and implement pragmatic remediation plans
ā¢ Ensure controls align with modern SaaS and cloud-native environments
Evidence Management & Audit Readiness
ā¢ Design scalable evidence collection workflows and continuous monitoring processes
ā¢ Implement lightweight tooling or automation for ongoing evidence capture
ā¢ Prepare audit artifacts, walkthrough materials, and management responses
ā¢ Serve as the primary liaison with external auditors and assessors
ISMS & Governance Build-Out
ā¢ Establish and operationalize a scalable Information Security Management System (ISMS)
ā¢ Define and implement:
ā¢ Risk assessment and risk quantification methodology
ā¢ Policy and standards framework
ā¢ Management review cadence
Required Qualifications
ā¢ 7+ years of experience in security compliance, GRC, audit readiness, or related fields
ā¢ Proven hands-on delivery of SOC 2 and ISO 27001 certification programs
ā¢ Experience in fast-growing SaaS or consumer technology companies
ā¢ Strong ability to translate technical environments into audit-grade documentation and narratives
ā¢ Familiarity with GRC platforms such as VISO Trust, Vanta, Drata, or similar
ā¢ Solid understanding of cloud security controls and modern SaaS architectures
ā¢ Experience with risk assessment and risk quantification methodologies
Preferred Qualifications
ā¢ Background in Big 4 or top-tier advisory firms (PwC, Deloitte, EY, KPMG)
ā¢ Experience with AWS, GCP, or Azure cloud environments
ā¢ Proven ability to partner directly with CISOs and executive leadership teams
Apply Now
Apply Now
Duration: Long term
Location :Remote ,USA(Candidate from California or PST times highly preferred)
(ONLY W2)
Job Description:
Key Responsibilities
Certification Program Ownership
ā¢ Lead end-to-end delivery of SOC 2 Type II and ISO/IEC 27001:2022 certifications
ā¢ Define certification scope, system boundaries, and control applicability
ā¢ Translate business operations and technical environments into audit-ready control narratives
Control Design & Implementation
ā¢ Map existing security and operational controls to SOC 2 and ISO 27001 requirements
ā¢ Identify control gaps and implement pragmatic remediation plans
ā¢ Ensure controls align with modern SaaS and cloud-native environments
Evidence Management & Audit Readiness
ā¢ Design scalable evidence collection workflows and continuous monitoring processes
ā¢ Implement lightweight tooling or automation for ongoing evidence capture
ā¢ Prepare audit artifacts, walkthrough materials, and management responses
ā¢ Serve as the primary liaison with external auditors and assessors
ISMS & Governance Build-Out
ā¢ Establish and operationalize a scalable Information Security Management System (ISMS)
ā¢ Define and implement:
ā¢ Risk assessment and risk quantification methodology
ā¢ Policy and standards framework
ā¢ Management review cadence
Required Qualifications
ā¢ 7+ years of experience in security compliance, GRC, audit readiness, or related fields
ā¢ Proven hands-on delivery of SOC 2 and ISO 27001 certification programs
ā¢ Experience in fast-growing SaaS or consumer technology companies
ā¢ Strong ability to translate technical environments into audit-grade documentation and narratives
ā¢ Familiarity with GRC platforms such as VISO Trust, Vanta, Drata, or similar
ā¢ Solid understanding of cloud security controls and modern SaaS architectures
ā¢ Experience with risk assessment and risk quantification methodologies
Preferred Qualifications
ā¢ Background in Big 4 or top-tier advisory firms (PwC, Deloitte, EY, KPMG)
ā¢ Experience with AWS, GCP, or Azure cloud environments
ā¢ Proven ability to partner directly with CISOs and executive leadership teams
Apply Now
Apply Now