Information Security Compliance Engineer

Summary

Join Smartcat, a rapidly growing Series C company, as a Security and Compliance Specialist. You will play a crucial role in protecting the organization by designing, implementing, and maintaining robust governance, risk management, and compliance frameworks. This involves supporting compliance audits, building relationships with employees, updating security policies, identifying gaps in security controls, and supporting the sales team. The ideal candidate will have 4+ years of compliance experience, hands-on experience with security frameworks, and excellent communication skills. Smartcat offers a fully remote work environment and the opportunity to be part of a dynamic, high-growth company.

Requirements

• 4+ years of prior compliance experience: Hands-on Information Security and/or security compliance experience with Information Security standards, technology, and monitoring
• Hands-on experience with implementing, reviewing, or auditing security frameworks such as SOC 1, SOC 2, ICFR/SOX, NIST, and/or ISO27001
• Excellent interpersonal, communication, and writing skills, with the proven ability to communicate and translate technical concepts, requirements, and issues to technical and non-technical business audiences
• Ability to manage demands of internal and external customers and auditors through phone, email, and process requests
• Detail oriented, self-motivated, and a problem solver
• Ability to multitask and prioritize with little direct supervision
• Ability to communicate in English fluently
• We expect you to be tech-savvy and have the ability to write code in any preferred language

Responsibilities

• Support various compliance audits by coordinating with external auditors to understand audit requirements; providing sufficient artifacts to fulfill the auditor’s request; and communicating with internal stakeholders for audit readiness and areas of improvement
• Build relationships with a broad range of Smartcat employees at various levels to accomplish program objectives, educate them on their roles and responsibilities, and further Smartcat Security goals
• Update and document changes to information security policies, procedures, and internal standards
• Identify gaps between information security policies, procedures, and standards with control frameworks and communicates those gaps to the Head of Security and internal stakeholders
• Support sales team by responding to security questionnaires
• Establish Step-by-step plan on enhancing company’s security processes and controls
• Review the existing set of Security policies and updating them according to company compliance status
• Issuing ISO27001 SoA and establishing prioritized list of controls to establish

Benefits

Fully remote team