
Manager – Information Security & Compliance

Posted 24 days ago USD 150,000 - 150,000 / year
Lumel

Role Summary

The Manager – Information Security & Compliance is responsible for designing, implementing, and maintaining the organization’s security controls while ensuring compliance with frameworks such as SOC 2, ISO 27001, GDPR, HIPAA, and other regulatory requirements. This role requires strong hands-on security expertise, combined with the ability to lead governance, compliance, and audit programs.


Key Responsibilities


1. Compliance & Audit Management

  • Lead and maintain compliance programs (SOC 2, ISO 27001, GDPR, HIPAA, etc.).
  • Coordinate internal and external audits; manage evidence, remediation, and annual certification cycles.
  • Map compliance requirements to Azure-based technical controls and enterprise environments.
  • Translate regulatory requirements into actionable engineering tasks.


2. Governance, Risk & Policy

  • Develop and maintain cybersecurity policies, standards, and procedures.
  • Conduct ongoing risk assessments; maintain risk registers and drive mitigation efforts.
  • Ensure compliance with privacy and data protection regulations across Azure and other environments.
  • Manage third-party/vendor risk assessments.


3. Security Program Leadership

  • Collaborate with Engineering, IT, Legal, and Product teams to ensure alignment of Azure configurations and other security controls with compliance requirements.
  • Lead remediation of vulnerabilities, audit findings, and cloud misconfigurations.
  • Provide security guidance for new cloud deployments, system changes, and business initiatives.
  • Drive security awareness training programs.


Qualifications

Required

  • 5+ years of experience designing and implementing security solutions, preferably in hybrid or cloud-first environments.
  • Strong hands-on experience with Microsoft Azure.
  • Proven experience with compliance frameworks such as SOC 2, ISO 27001, GDPR, HIPAA.
  • Experience supporting audits and compliance assessments.
  • Solid understanding of cloud security, identity management, encryption, networking, and regulatory requirements.
  • Excellent communication and stakeholder-management skills.


Preferred

  • Certifications such as CISSP, CISM, CISA, CCSP, Microsoft Azure Security Engineer (AZ-500), or ISO 27001 Lead Implementer/Auditor.
  • Experience securing Azure DevOps and CI/CD pipelines (nice to have).


Compensation & Benefits

  • Competitive salary
  • Comprehensive benefits package
  • Opportunity for professional development and future leadership growth.
