Compliance & Information Security Manager

Job description

We’re hiring a hands-on Compliance & Information Security Manager to own and scale our security program. You will replace external advisory support and act as the internal lead for compliance and security governance, working closely with Engineering, Product, Legal, and Sales. Tasks: Maintain and evolve our Information Security Management System (ISMS), including policies, standards, control documentation, and the company-wide risk register. Conduct security assessments for new and existing vendors, define security requirements in contracts, and ensure critical partners meet our standards. Own customer security questionnaires, RFP responses, and due diligence processes; maintain a structured library of reusable answers and documentation. Ensure controls are operating effectively, coordinate internal testing, and partner with engineering to close gaps in a timely manner. Ensure proper documentation, post-incident follow-up, and alignment with compliance requirements for incident management and disaster recovery processes. - Own the ISMS and security governance - Lead certification lifecycle Run readiness assessments, manage evidence collection, coordinate auditors, track remediation...