Related skills: GDPR, ISO 27001, NIST, PCI DSS, SOC 2

Description
- Govern and implement security/privacy policies and control frameworks.
- Lead enterprise risk assessments including vendor reviews.
- Drive third-party risk management and onboarding.
- Coordinate audits for ISO 27001, SOC 2, PCI DSS, GDPR, etc.
- Advise on privacy/regulatory alignment across teams.
Requirements
- 5+ years in cybersecurity, GRC, or privacy.
- Knowledge of ISO 27001, NIST, SOC 2, GDPR, PIPEDA, FINTRAC.
- Hands-on with GRC tools (OneTrust, Hyperproof, Drata, AuditBoard).
- Experience with vendor risk/TPRM and risk registers.
- Able to communicate risk to technical and non-technical stakeholders.
- Certifications such as CISM, CRISC, CISSP, CISA valued.
Benefits
- Hybrid work options and flexible schedules.
- DEIB-focused culture and ERGs.
- Growth opportunities and purposeful work.
- Supportive teammates and collaborative environment.