Related skills
aws gdpr ccpa soc 2 type ii servicenow grc
Description
- Build and own the enterprise security risk management program.
- Establish security control framework mapping to SOC 2, PCI-DSS, CIS Controls.
- Drive security policy development and lifecycle management across the organization.
- Lead the security committee and governance forums; document decisions.
- Own SOC 2 Type II and PCI-DSS compliance program; manage evidence and audits.
- Build continuous audit readiness; automate evidence collection where possible.
Requirements
- 8+ years in GRC or information security; 3+ years in management.
- Deep hands-on SOC 2 Type II experience; led multiple audit cycles.
- Strong PCI-DSS v4.0 knowledge and implementation experience.
- GDPR and CCPA compliance knowledge across jurisdictions.
- Experience managing external auditors and audit engagements.
- Experience with GRC platforms (Vanta, Drata, ServiceNow GRC) and AWS.
Benefits
- Competitive salary & equity
- Unlimited PTO
- Full Health, Vision, & Dental coverage
- 401k match
- Hardware setup: new MacBook Pro, big display, & accessories