Company hidden
13 hours ago

Manager, Security Governance Risk & Compliance (Cybersecurity)

112 870 - 169 306$
Work format
onsite
Employment type
fulltime
Grade
lead
English
c1
Country
UK
Vacancy from Hirify Global, a list of international tech companies

Job description

TL;DR

Manager, Security Governance Risk & Compliance (Cybersecurity): Leading compliance programs and audit portfolios for a multi-entity commerce ecosystem, with an emphasis on operationalizing controls into business-as-usual (BAU) workflows. Focus on reducing audit fatigue, managing external auditor relationships, and ensuring continuous audit readiness across global footprints.

Location: London, United Kingdom

Salary: $112,870 - $169,306

Company

An AI-driven commerce ecosystem encompassing BigCommerce, hirify.global, and Makeswift, focused on empowering businesses to grow through integrated data and personalized experiences.

What you will do

  • Own the end-to-end lifecycle of core audit programs, including PCI DSS 4.0, SOC 2 Type 2, ISO 27001, and SOX.
  • Partner with control owners across multiple business units to ensure compliance obligations are met and evidence is maintained.
  • Serve as the primary point of contact for QSAs, external auditors, and certification bodies to defend the control environment.
  • Drive the operationalization of audit requirements into BAU workflows to eliminate point-in-time evidence collection.
  • Track and remediate audit findings and control gaps through pragmatic, risk-informed plans.
  • Oversee the Secure Controls Framework (SCF) built from NIST, ISO 27001, and PCI DSS.

Requirements

  • 6–10 years of experience in Information Security, IT Audit, or GRC.
  • Proven track record of managing enterprise-level audit programs (PCI, SOC 2, ISO 27001, or SOX).
  • Deep working knowledge of PCI DSS 4.0, ISO 27001:2022, SOC 2 Trust Service Criteria, and SOX IT general controls.
  • Experience applying GRC frameworks in cloud-native environments.
  • Must be based in London, United Kingdom.
  • Certification such as PCI ISA, CISA, or CISSP is strongly preferred.

Nice to have

  • Prior experience at a Big 4 advisory or audit firm (Deloitte, PwC, EY, KPMG) in IT audit or risk advisory.

Culture & Benefits

  • Inclusive atmosphere focused on celebrating unique histories, perspectives, and abilities.
  • Reasonable accommodations provided for individuals with disabilities during the interview and employment process.
  • Opportunity to work with a team of bold builders and technical trailblazers in the agentic commerce era.

Be careful: if an employer asks you to log in to their system using iCloud/Google, send a code or password, or run code or software, do not do it; these are scammers. Be sure to click "Report" or write to support. More details are in the guide.