Senior Information Security Officer (GRC)

TL;DR

Senior Information Security Officer (GRC): Leading global compliance projects and serving as the primary architect for Information Security and Compliance by Design with an accent on SOX, ISO 27001, and SOC1/2 frameworks. Focus on designing robust Internal Control Systems (ICS), managing end-to-end audit lifecycles, and negotiating remediation strategies with senior global stakeholders.

Location: 100% Remote (must be able to bridge EMEA/US time zones).

Company

hirify.global is a global leader in risk and asset management software solutions.

What you will do

• Lead and manage critical global compliance projects, integrating security requirements into the project lifecycle.
• Act as a senior advisor to product and engineering teams to implement Compliance by Design principles.
• Design, implement, and monitor a robust Internal Control System (ICS) framework.
• Lead the testing, validation, and documentation of IT General Controls (ITGCs).
• Serve as the primary point of contact for external and internal auditors.
• Conduct deep-dive risk assessments for high-priority global initiatives and negotiate remediation strategies.

Requirements

• 8+ years of experience in Information Security/GRC with a focus on IT Audit and SOX compliance.
• In-depth knowledge of ITGCs, SOC1/2, ISO 27001, and Secure SDLC workflows.
• Professional fluency in English (written and verbal) is mandatory.
• Proven ability to work in a 100% remote role with discipline to manage EMEA/US time zone gaps.
• Bachelor’s or Master’s degree in Cybersecurity, Information Systems, or a related field.

Nice to have

• CISA (Certified Information Systems Auditor) certification is highly preferred.
• CISSP, CISM, or CRISC certifications.

Culture & Benefits

• Virtual-first work environment promoting independence and ownership.
• Opportunity to influence global stakeholders including C-Suite leadership.
• High-pace, dynamic work environment within a global organization.