onsite
Security Governance Risk & Compliance Officer - Rowden
Software Engineer
Lead security governance, risk and compliance initiatives, implementing ISO 27001 and NIST frameworks, managing audits, and ensuring data protection across cloud and on‑premise environments.
About the role
Key Responsibilities
- Develop, maintain, and continuously improve the organization’s security governance framework aligned with ISO 27001, NIST, and other relevant standards.
- Conduct risk assessments, threat modeling, and gap analyses to identify and mitigate security vulnerabilities.
- Lead internal and external compliance audits, prepare evidence packages, and drive remediation actions.
- Collaborate with engineering, product, and operations teams to embed security controls into development lifecycles and cloud deployments.
- Provide guidance and training on security policies, data protection regulations, and best practices to stakeholders across the business.
Requirements
- Proven experience in security governance, risk management, and compliance within a technology‑focused organization.
- Strong knowledge of ISO 27001, NIST Cybersecurity Framework, and related regulatory requirements (e.g., GDPR, CMMC).
- Hands‑on experience with cloud security (AWS, Azure, or GCP) and implementing security controls in cloud environments.
- Excellent analytical, communication, and stakeholder‑management skills.
- Relevant certifications such as CISSP, CISM, ISO 27001 Lead Implementer, or equivalent.
Skills
- software development
- system design
- problem solving