Grc Manager

TL;DR

Grc Manager: Maintaining security and compliance documentation, supporting commercial teams in negotiations, and ensuring compliance with ISO 27001, UK GDPR, EU GDPR, and CCPA with an accent on continuous improvement and standardization. Focus on managing third-party supplier risk and implementing new regulations and standards.

Location: Hybrid in Cambridge, UK, or remote within the UK.

Company

hirify.global is the leading Salesforce DevOps platform trusted by more than 3,500 companies around the globe.

What you will do

• Own security and compliance documentation, ensuring accuracy and relevance across information security and compliance programs.
• Support commercial teams in complex information security and compliance negotiations, ensuring accurate and timely responses.
• Maintain ISO 27001 compliance and certification through continuous improvement and audit preparation.
• Manage the internal Data Protection compliance program, ensuring adherence to global regulations including UK GDPR, EU GDPR, and CCPA.
• Manage third party supplier risk program.
• Work as part of the compliance project team when implementing new regulations or standards such as NIST, fedRAMP etc.

Requirements

• Experience in an information security or GRC role within a technology company.
• Hold an ISO 27001 Lead Implementer or Lead Auditor certificate.
• In-depth knowledge of ISO 27001 standards and experience in implementing and maintaining the certification.
• Track record of owning internal compliance with global data protection laws including GDPR and CCPA.
• Understanding of AWS Cloud infrastructure and application security.
• Excellent communication skills, attention to detail, and a passion for delivering a great customer experience.

Nice to have

• A degree in Computer Science, Information Security, Cybersecurity, or a related discipline.
• A recognised Information Security qualification such as CISSP, CompTIA Security+.
• Past exposure to other regulations or frameworks such as NIST, HIPAA, fedRAMP, DORA.
• Knowledge of DevOps and DevSecOps.

Culture & Benefits

• Full-time opportunity, working Monday to Friday remotely within the UK.
• Opportunity to join a Long Term Incentive scheme.
• Generous personal development budget for courses and conferences (up to £1500 per year).
• Top end hardware provided.
• Free lunch any day you are in the office.
• BUPA health care, life insurance, and critical illness cover.