Technical Security Governance Manager

About The Position

Requirements

• 5+ years of experience in security governance, GRC, or security engineering, with at least 3 years in a technical security role
• University degree in Computer Science, Information Systems, or related field, or equivalent work experience
• Knowledge of security frameworks and standards (e.g., ISO 27001, SOC 2, NIST CSF, PCI DSS, FedRAMP)
• Experience helping define and embed security controls into engineering workflows, CI/CD pipelines, or infrastructure
• Familiarity with security tooling, GRC platforms, and automation frameworks

Nice To Haves

• One or more certifications such as Security+, CISA, CISM, or CISSP
• Experience working in cloud environments (AWS, GCP, Azure) with exposure to infrastructure-as-code practices
• Understanding of DevSecOps, security automation, and control validation techniques
• Experience supporting cross-functional initiatives involving engineering, compliance, and product teams
• Proactive, demonstrated self-starter, open to learning new security topics, flexible and organized
• Strong collaboration and communication skills with both technical and non-technical audiences
• Solid documentation and reporting abilities
• Strong understanding of information security concepts, processes, and controls

Responsibilities

• Support the development, maintenance, and refinement of enterprise-wide security policies, standards, and control objectives
• Contribute to aligning policies with frameworks (e.g., ISO, SOC 2, NIST, PCI, FedRAMP) and regulatory requirements
• Assist in keeping security policies and standards current, practical, and risk-aligned
• Define and document controls with both policy and technical input, ensuring they are implementable and measurable
• Partner with engineering to help embed controls into systems, CI/CD pipelines, and operational processes
• Support policy education and adoption programs to drive awareness and compliance across the organization
• Help design processes that integrate policy-driven controls into engineering ways of working
• Collaborate with compliance and risk teams to track and monitor control effectiveness
• Utilize technical tooling (e.g., GRC systems, automation dashboards) to provide visibility into control implementation
• Participate in technical assurance efforts to identify implementation gaps before they become audit findings

Benefits

• Bonus: Sales personnel are eligible for variable incentive pay dependent on their achievement of pre-established sales goals. Non-Sales roles are eligible for a company bonus plan, which is calculated as a percentage of eligible wages and dependent on company performance.
• Paid Time Off: earned time off, as well as paid company holidays based on region
• Paid Parental Leave: take up to six months off with your child after birth, adoption or foster care placement
• Full Health Benefits Plans: options for 100% employer paid and minimum employee contribution health plans from day one of employment
• Retirement Plans: select retirement and pension programs with potential for employer contributions
• Learning and Development: options for coaching, online courses and education reimbursements
• Compassionate Care Leave: paid time off following the loss of a loved one and other life-changing events