Company hidden
6 hours ago

Security Compliance Manager

Work format: remote (Europe only)/hybrid
Employment type: fulltime
Grade: middle
English: b2
Country: Serbia/Turkey/Bulgaria

Job description

TL;DR

Security Compliance Manager (Edtech): Own and drive information security compliance programmes for ISO 27001 certification and SOC 2 Type II, maintaining audit-readiness and security posture. Focus on risk assessments, policy authoring, regulatory monitoring across GDPR, NIS2, FERPA, and vendor risk management.

Location: Hybrid in Istanbul, Turkey (2 days in-office, 3 days remote) or fully remote in locations without offices. Flexible schedule between 09:00/10:00 and 18:00/19:00 CET or EET.

Company

All-in-one platform for education and research leveraging machine intelligence and data science to tackle access inequality, tech clutter, and student engagement.

What you will do

  • Lead ISO 27001 certification and surveillance audits end-to-end, including gap analysis, control implementation, and external coordination.
  • Own SOC 2 Type II programme with readiness assessments, evidence collection, and auditor liaison.
  • Maintain and improve ISMS: policy library, control frameworks, risk register, and treatment plans.
  • Conduct scenario-based risk assessments, track remediation, and update security policies.
  • Coordinate with engineering, infrastructure, and product teams to implement compliance controls.
  • Monitor regulatory developments (GDPR, NIS2, etc.), maintain RoPA, support DPIAs, respond to questionnaires, and manage vendor assessments.

Requirements

  • 3–5 years in information security compliance, GRC, or related role.
  • Hands-on experience with ISO 27001 implementation/certification and SOC 2.
  • Familiarity with GDPR and at least one additional privacy regulation; FERPA exposure advantageous.
  • Technical background in cloud infrastructure, SaaS architecture, access controls, and software practices.
  • Strong written English for policies, audit evidence, and customer materials.
  • Experience with enterprise B2B security questionnaires (CAIQ, SIG, etc.).
  • Ability to manage multiple workstreams without direct team support.

Nice to have

  • ISO 27001 Lead Implementer or Lead Auditor certification.
  • German, Turkish, or Arabic language skills.

Culture & Benefits

  • Choice of work equipment (laptop, monitor, etc.).
  • English classes (iTalki – $130 monthly).
  • Flexible schedule CET/EET.
  • Newborn bonus (€500 per child), patent remuneration, paid leave.
  • Equal opportunity employer committed to diversity and inclusion.

Be careful: if an employer asks you to log in to their system using iCloud/Google, to send a code/password, or to run code/software, do not do it: these are scammers. Be sure to click "Report" or write to support.