8 days ago

Remote Information Security Program Manager

Jobgether

Hybrid
Full Time
$180,000

Job Overview

Job Title: Remote Information Security Program Manager
Job Type: Full Time
Category: Commerce
Experience: 5 Years
Degree: Master
Offered Salary: $180,000
Location: Hybrid

Job Description

Role Overview

This Remote Information Security Program Manager role, posted by Jobgether on behalf of a partner company, is crucial for ensuring governance, risk, and compliance processes effectively protect customer trust and support regulatory requirements. You will collaborate with technical, operational, and business partners to enhance security practices and facilitate a secure environment conducive to business growth. Through your efforts, you will help shape the security strategy and make informed decisions that balance innovation with compliance, all within a flexible, fully remote work setting offering significant collaboration opportunities.

Key Accountabilities

  • Act as a trusted GRC partner translating audit, risk, and compliance requirements into actionable guidance.
  • Coordinate core assurance activities for SOX IT and SOC 2 across diverse teams to ensure audit readiness and successful outcomes.
  • Manage security due diligence requests to protect customer and partner trust with clear and timely responses.
  • Own policy management including drafting, maintaining, and reviewing information security policies and standards.
  • Support the information security third-party risk management program to reduce third-party risks.
  • Enhance GRC operations through process improvements and effective use of automation and tooling.

Required Qualifications

  • 5+ years of experience in information security, GRC, or IT/Information Security audit.
  • Demonstrated experience operating GRC programs in a regulated technology or financial services environment.
  • Working knowledge of security and compliance frameworks such as SOC 2 and NIST CSF 2.0.
  • Strong written and verbal communication skills for interacting with technical and non-technical audiences.
  • Ability to design metrics and reporting for various stakeholders.

Benefits

  • Competitive compensation including base pay and annual equity grants.
  • Generous 401(k) plan with up to $15,000 in company matching.
  • Affordable medical, dental, and vision coverage with significant cost coverage by the company.
  • Paid time off, sick and safe leave, and company holidays.
  • Paid family and parental leave for caregiving and significant life events.
  • Employee Assistance Program (EAP) offering mental health support.
  • Annual wellness and productivity allowances to support personal and professional growth.

Key skills/competency

  • Information Security
  • GRC (Governance, Risk, Compliance)
  • IT Audit
  • Regulatory Compliance
  • SOX IT
  • SOC 2
  • NIST CSF 2.0
  • Policy Management
  • Third-Party Risk Management
  • Security Strategy

Tags:

Information Security Program Manager
GRC
compliance
risk management
audit
policy management
security strategy
third-party risk
process improvement
stakeholder management
regulatory compliance
SOC 2
NIST CSF 2.0
security frameworks
automation tools
IT audit
information security
data protection
cloud security

How to Get Hired at Jobgether

  • Understand GRC best practices: Study common information security governance, risk, and compliance frameworks, especially SOC 2 and NIST CSF 2.0.
  • Tailor your resume: Optimize for "Information Security Program Manager" keywords, highlighting GRC, audit, policy management, and regulated environment experience.
  • Showcase compliance expertise: Detail your experience with specific frameworks like SOC 2 and NIST CSF 2.0 in past regulated technology or financial services roles.
  • Prepare for technical GRC questions: Be ready to discuss scenarios related to audit coordination, third-party risk, policy drafting, and security due diligence.
  • Demonstrate strong communication: Practice articulating complex security concepts clearly to both technical and non-technical audiences, a key skill for this remote role.
