Manager, Information Risk & Compliance
$103,800–$173,300 year
Remote · United States
Job Summary
Lead a team responsible for domestic and international regulatory compliance audits, information security assessments, and broader cybersecurity risk initiatives. Design, implement, and enforce security, risk, and compliance controls to protect information assets; oversee day-to-day compliance operations, close enterprise risk and control gaps, and establish monitoring and reporting processes using frameworks such as ISO 27001, NIST, PCI DSS, HIPAA, and SOX. Drive internal and external audit activities, maintain audit documentation, and align programs to the enterprise risk roadmap. Bring expertise in cybersecurity principles, regulatory compliance, audit methodologies, and risk management, with proven leadership in achieving audit, security, and compliance outcomes.
Required Qualifications
- Bachelor’s degree in business administration, Information Technology, Cybersecurity, Risk Management, or a related field
- 7+ years of experience in compliance, audit, or risk management, with focus on information security assessments, audits, and IT controls
- 3+ years of Management experience
- Strong knowledge of ISO 27001, SOC 2, SOC 1, PCI-DSS, NIST, HIPAA, GDPR, and related frameworks
- Audit methodologies and testing automation
- Leadership and communication skills
Apply with one swipe on Sorce. We auto-fill applications and apply on your behalf — no cover letters, no 40-minute forms.
Hiring someone like this?
Get your role in front of qualified candidates on Sorce.