📋 Description
- Lead PCI DSS compliance: CDE scoping, control validation, and audit management (RoC/SAQ, QSAs).
- Lead SOC 2 Type II attestation: TSC mapping, evidence collection, control testing, remediation tracking.
- Maintain ISO 27001 ISMS: risk assessments, SoA, internal audits, continuous improvement.
- Develop/enforce security policies aligned with PCI DSS, SOC 2, ISO 27001.
- Partner with Security, Platform, and Application teams to implement and sustain controls.
- Translate technical risks into business-impact language for decision-making.
🎯 Requirements
- Bachelor’s degree in Information Systems, CS, Cybersecurity, or related field.
- 4.5+ years in GRC, risk management, or compliance with exposure to technical security controls.
- Hands-on PCI DSS experience: audits, CDE scoping, and control validation.
- Working knowledge of SOC 2 Type II Trust Services Criteria and audit processes.
- ISO 27001 ISMS experience: risk assessments and Annex A controls; vendor risk.
- GRC certifications such as CISA, QSA, IPCIP, TPRA; GDPR/CCPA familiarity; SaaS PCI.