Security Risk & Compliance Manager managing security assessments and compliance activities at TrueContext. Leading risk management, customer inquiries, and vendor assessments in a hybrid work environment.
Responsibilities
Lead end-to-end completion of customer security questionnaires, RFIs, and due diligence requests, coordinating inputs from engineering, security, and leadership to ensure accurate and consistent responses
Maintain and continuously improve a reusable library of standard security answers, architecture descriptions, and supporting evidence mapped to SOC 2 and related frameworks
Own the third-party/vendor security lifecycle: intake, risk triage, detailed security assessments for higher-risk vendors, ongoing monitoring, and periodic reassessment
Review vendor SOC 2 reports and other attestations, identify issues or exceptions, document risk, and drive agreed mitigation actions with internal owners
Coordinate the company’s SOC 2 program activities, including control mapping, evidence collection, tracking remediation items, and preparing for audits
Partner with engineering teams to understand system design, data flows, and operational practices, translating technical details into clear security and compliance narratives
Provide security and compliance input on contracts and DPAs, working with Legal and Procurement on security clauses, data protection requirements, and vendor obligations
Define and track practical metrics (e.g., questionnaire volume/SLAs, vendor risk tiers, open remediation items) and report status and risks
Educate Sales, Customer Success, and other go-to-market teams on security positioning, SOC 2 scope, and standard responses
Requirements
2–5 years of experience in information security, risk management, compliance, or related roles, ideally in a SaaS or cloud-native environment
Direct experience with customer security questionnaires and vendor risk assessments, including reading SOC 2 reports and other security attestations
Solid understanding of SOC 2 principles and common security controls (access management, encryption, logging/monitoring, SDLC, incident response, business continuity)
Ability to interact confidently with senior engineers, translate between technical and non-technical audiences, and influence without direct authority
Strong written and verbal communication skills with an emphasis on clarity, consistency, and reusability of security and compliance messaging
Experience with GRC, vendor risk, or compliance platforms (e.g., SOC 2 automation tools, vendor risk management tools) is an asset
Benefits
Company-wide & team social events
Wellness yearly allowance
Annual learning allowance
Great time off benefits (4 weeks of vacation + 2 True2ME days + 1 TrueCrewCares day)
Summer FriYAYs (every other Friday off from Victoria Day until Labour Day)
Catered lunches 2x per week
An amazing office space with plenty of snacks, drinks, and space to collaborate
Hybrid work environment (3 days a week in the office)