Grc Manager

TL;DR

Grc Manager: Maintaining security and compliance documentation, supporting commercial teams in negotiations, and ensuring compliance with ISO 27001, UK GDPR, EU GDPR, and CCPA with an accent on continuous improvement and standardization of processes. Focus on managing third-party supplier risk and implementing new regulations and standards.

Location: A full-time remote role in United Kingdom

Company

hirify.global is the leading Salesforce DevOps platform trusted by more than 3,500 companies around the globe.

What you will do

• Own security and compliance documentation, ensuring accuracy and relevance across information security and compliance programs.
• Support commercial teams in complex information security and compliance negotiations, ensuring accurate and timely responses.
• Maintain ISO 27001 compliance and certification through continuous improvement and audit preparation.
• Manage the internal Data Protection compliance program, ensuring adherence to global regulations including UK GDPR, EU GDPR, and CCPA.
• Manage third party supplier risk program.
• Work as part of the compliance project team when implementing new regulations or standards such as NIST, fedRAMP etc.

Requirements

• Experience in an information security or GRC role within a technology company, with an ISO 27001 Lead Implementer or Lead Auditor certificate.
• In-depth knowledge of ISO 27001 standards and proven experience in implementing and maintaining the certification.
• Track record of owning internal compliance with global data protection laws including GDPR and CCPA.
• Understanding of AWS Cloud infrastructure and application security.
• Technical predisposition and ability to adapt to the needs of a rapidly growing company.
• Excellent communication skills, attention to detail, and a passion for delivering a great customer experience.

Nice to have

• A degree in Computer Science, Information Security, Cybersecurity, or a related discipline.
• A recognised Information Security qualification such as CISSP, CompTIA Security+.
• Past exposure to other regulations or frameworks such as NIST, HIPAA, fedRAMP, DORA.
• Knowledge of DevOps and DevSecOps.

Culture & Benefits

• Full-time remote role within the UK, working Monday to Friday.
• Opportunity to join a Long Term Incentive scheme.
• Generous personal development budget of up to £1500 per year.
• Top end hardware provided.
• Free lunch any day you are in the office.
• BUPA health care, Life Insurance & critical illness cover, and discounted gym membership.