Security Assurance Specialist

About The Position

Requirements

• Minimum 5+ years of experience in Security Assurance, Security GRC, or a related compliance/security function.
• Proven expertise in security risk assessments, security controls testing and automation.
• Strong knowledge of industry standards and regulatory frameworks (ISO 27001, SOC 2, NIST).
• Experience in implementing, monitoring, and automating security controls aligned with recognized frameworks.
• Skilled in assessing, tracking, and reporting on control deficiencies, and driving timely remediation.
• Solid understanding of technology environments including applications, infrastructure and SaaS
• Ability to translate compliance requirements into technical control implementations and automated processes.
• Proficiency in documenting processes, procedures, and system requirements to improve efficiency and assurance outcomes.
• Comfortable collaborating directly with engineers to embed compliance and assurance into daily workflows.
• Strong analytical and problem-solving skills, with the ability to interpret complex requirements and design practical solutions.
• Excellent written and verbal communication skills; able to engage effectively with stakeholders at all levels, from engineers to executives.
• Detail-oriented with the ability to manage multiple priorities and deliver high-quality work under deadlines.
• Collaborative and proactive, with a passion for continuous improvement and scaling security assurance processes.
• Industry certifications such as CISSP, CISA, ISO 27001 Lead Implementer are a strong plus.

Nice To Haves

• Blockchain and Web3 knowledge/experience is a plus, along with enthusiasm to engage with emerging technologies.
• Education or experience in the Information Security field
• Certification in any of the following: CISSP, CEH, CRISC, AWS/Azure/CGP security, ISO 27001 Lead Auditor or Implementer, FAIR etc.
• Experience in implementing security awareness and training programs for engineering teams
• High sense of ownership, urgency, and drive, as well asthe ability to collaborate cross-functionally
• Excellent project management and relationship management skills

Responsibilities

• Manage end-to-end compliance initiatives (e.g., SOC 2, ISO 27001)
• Serve as the primary liaison with external auditors, internal auditors, and internal stakeholders to ensure successful audit outcomes.
• Drive timely collection, validation, and submission of audit evidence.
• Assess current manual controls and partner with Engineering and Security teams to implement automated, technology-driven compliance controls.
• Build and maintain continuous monitoring dashboards to provide real-time visibility into compliance posture.
• Collaborate with tooling teams to integrate compliance checks into internal systems.
• Build strong relationships with Engineering, Security, Legal, People, Finance and Product teams with the goal of embedding compliance into daily workflows.
• Provide guidance to control owners and business units to ensure ownership, accountability, and audit readiness.
• Benchmark and improve the company’s compliance program against industry best practices (NIST, CIS, CSA, ISO, DORA etc.).
• Identify opportunities to reduce manual effort and increase the scalability of compliance activities.
• Stay current with regulatory changes, industry trends, and emerging compliance automation solutions.