📋 Description
- Own and drive the compliance program roadmap across SOC 2, ISO 27001/27701/42001.
- Lead cross-functional compliance initiatives with Eng, Product, Legal, and IT.
- Design and maintain Docker’s unified control framework, mapping to NIST 800-53.
- Plan and execute internal audits end-to-end: scoping, evidence, testing, findings.
- Own the vendor risk management program, evaluating third-party vendors for compliance.
- Establish and report on compliance metrics and KPIs for leadership.
🎯 Requirements
- 4–6 years in information security, governance, risk, and compliance
- Experience building and operating an enterprise risk management program
- Experience with third-party risk management
- Knowledge of ISO 27001, SOC 2, NIST 800-53, and GDPR
- Familiarity with AI governance concepts (ISO 42001, NIST AI RMF)
- Familiarity with cloud environments (AWS, GCP, Azure)
🎁 Benefits
- Freedom & flexibility; fit your work around your life
- Designated quarterly Whaleness Days plus an end-of-year Whaleness break
- Home office setup; we want you comfortable while you work
- 16 weeks of paid parental leave (after 6 months of employment)
- Technology stipend equal to $100 USD net/month
- Equity; we are a growing start-up and want all employees to share in success