Security Compliance Program Manager

Yuxi Global
Match Resume

About The Position

Veritas Automata is a technology consulting and software development company dedicated to delivering innovative solutions that drive business success. We combine expertise in automation, AI, and advanced technology to enhance operational efficiency and streamline complex processes. Our teams build modern, intelligent, and scalable solutions that empower clients across regulated industries, enterprise platforms, and next-generation AI ecosystems. We are committed to innovation, ownership, and delivering measurable outcomes for our clients and partners. Yuxi Global, powered by Veritas Automata, is a South America-based delivery and talent entity that supports Veritas Automata’s global delivery model. We specialize in providing comprehensive solutions, including turnkey enterprise-grade application development, managed development teams, staff augmentation, and strategic consulting via our Veritas Automata Services Team. This role is a senior-level security, audit, and compliance professional responsible for supporting the development, implementation, and operationalization of SOC 2, ISO 27001:2022, NIST CSF, and related security procedures for client environments. The Cyber Security Engineer (L7) will work alongside an existing long-term consultant to transform audit requirements, security controls, documented procedures, evidence collection processes, user-awareness initiatives, and internal-audit findings into sustainable operational practices. This role will collaborate closely with client leadership, security stakeholders, HR, Finance, Operations, Engineering, Technology, Business Development, Purchasing, and international business units to advance security maturity and certification readiness.

Requirements

  • 10–16 years of professional experience in cybersecurity, information security, IT audit, GRC, risk management, infrastructure security, security engineering, or related disciplines.
  • Hands-on experience supporting SOC 2 Type 1 and/or Type 2 audits, including control documentation, evidence collection, auditor interaction, remediation planning, and recurring control operation.
  • Strong working knowledge of ISO 27001, including ISO 27001:2022 requirements, Annex A controls, internal audits, risk treatment, documented information, and management-system practices.
  • Experience aligning security programs with frameworks such as NIST CSF, CIS Controls, ISO 31000, ISO 22301, HIPAA, HITRUST, PCI DSS, GDPR, LGPD, or DFARS-related requirements.
  • Demonstrated ability to create and operationalize policies, procedures, standards, control narratives, process documentation, and evidence-management workflows.
  • Experience working with cross-functional business and technology stakeholders to obtain audit evidence, drive process adoption, and close control gaps.
  • Strong understanding of technical security domains, including: Access Control, Identity and Access Management (IAM), Vulnerability Management, Incident Response, Change Management, Logging and Monitoring, Endpoint Security, Network Security, Cloud Security, Business Continuity.
  • Experience working directly with senior stakeholders and control owners to improve security maturity and track measurable progress.
  • Practical experience using Jira, Confluence, spreadsheets, dashboards, or GRC platforms to manage audit readiness, KPIs, findings, and remediation plans.
  • Strong written and verbal communication skills in English.

Responsibilities

  • Support the development, implementation, and operationalization of SOC 2, ISO 27001:2022, NIST CSF, and related security procedures for client environments.
  • Transform audit requirements, security controls, documented procedures, evidence collection processes, user-awareness initiatives, and internal-audit findings into sustainable operational practices.
  • Collaborate closely with client leadership, security stakeholders, HR, Finance, Operations, Engineering, Technology, Business Development, Purchasing, and international business units to advance security maturity and certification readiness.
  • Create and operationalize policies, procedures, standards, control narratives, process documentation, and evidence-management workflows.
  • Work with cross-functional business and technology stakeholders to obtain audit evidence, drive process adoption, and close control gaps.
  • Work directly with senior stakeholders and control owners to improve security maturity and track measurable progress.
  • Manage audit readiness, KPIs, findings, and remediation plans using tools like Jira, Confluence, spreadsheets, dashboards, or GRC platforms.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume

What This Job Offers

Job Type

Full-time

Career Level

Senior

Education Level

No Education Listed

Job Search Resources

Similar Security Compliance Program Manager job opportunities

Program Manager, AWS Compliance & Security Assurance
Amazon
Amazon • Arlington, VA13d • $74,200 - $129,800 • Onsite
🔥 New JobProgram Manager – Compliance
Expleo
Expleo • Dallas, TX1d • $103,000 - $113,000 • Hybrid
Security Program Manager
Amazon
Amazon • Atlanta, GA13d • $80,000 - $140,000 • Onsite
Assurance Program Manager, AWS Compliance & Security Assurance
Amazon
Amazon • Herndon, VA9d • $119,300 - $208,900 • Onsite
Lead Compliance Program Manager
Point32Health
Point32Health • Canton, MA12d • Hybrid
Corporate Compliance Program Manager
East West Bank
East West Bank • Pasadena, CA5d

Tools

Templates & Examples

Resources

Comparisons

Company

Over 4 Million Users
Free AI tools and resources to help you land your next job, faster
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service