Security Compliance & Trust Certifications Lead

🌍 Remote, USA 💹 Full-time 🕐 Posted Recently

Job Description

Title: Security Compliance & Trust Certifications Lead

Duration: Long term

Location :Remote ,USA(Candidate from California or PST times highly preferred)

(ONLY W2)

Job Description:

Key Responsibilities

Lead end-to-end delivery of SOC 2 Type II and ISO/IEC 27001:2022 certifications
Define certification scope, system boundaries, and control applicability
Translate business operations and technical environments into audit-ready control narratives

Map existing security and operational controls to SOC 2 and ISO 27001 requirements
Identify control gaps and implement pragmatic remediation plans
Ensure controls align with modern SaaS and cloud-native environments

Design scalable evidence collection workflows and continuous monitoring processes
Implement lightweight tooling or automation for ongoing evidence capture
Prepare audit artifacts, walkthrough materials, and management responses
Serve as the primary liaison with external auditors and assessors

Establish and operationalize a scalable Information Security Management System (ISMS)
Define and implement:
Risk assessment and risk quantification methodology
Policy and standards framework
Management review cadence

7+ years of experience in security compliance, GRC, audit readiness, or related fields
Proven hands-on delivery of SOC 2 and ISO 27001 certification programs
Experience in fast-growing SaaS or consumer technology companies
Strong ability to translate technical environments into audit-grade documentation and narratives
Familiarity with GRC platforms such as VISO Trust, Vanta, Drata, or similar
Solid understanding of cloud security controls and modern SaaS architectures
Experience with risk assessment and risk quantification methodologies