Information Security Manager, Compliance

Summary

Join Wallarm, a global remote-first team, as an Information Security Manager to lead and enhance our internal security and compliance strategy. You will improve our security posture, maintain certifications like SOC2, and obtain PCI DSS and FedRAMP compliance. This crucial role ensures our security infrastructure meets the highest standards while fostering a strong security culture. You will develop and implement security and compliance strategies, oversee our security infrastructure, conduct risk assessments, lead the Security Operations Center, and implement security awareness training. You will also work with various teams to ensure regulatory adherence and manage security relationships with vendors. Wallarm offers a competitive salary, bonuses, paid time off, medical insurance, working equipment, and professional development opportunities.

Requirements

• 7+ years of experience in cybersecurity, risk management, and compliance
• Deep understanding of SOC2, PCI DSS, and/or FedRAMP compliance requirements
• Strong knowledge of cloud security (AWS, GCP, Azure), IAM, endpoint security, and network security principles
• Experience leading security audits, risk assessments, and vulnerability management programs
• Expertise in incident response, security monitoring, and threat intelligence
• Strong technical background in security engineering, DevSecOps, and security automation
• Excellent leadership, communication, and stakeholder management skills
• Ability to work cross-functionally with engineering, legal, compliance, and executive teams

Responsibilities

• Develop and implement security and compliance strategies to align with industry best practices
• Maintain and enhance our SOC2 certification, ensuring continuous compliance with security controls
• Lead initiatives to achieve and maintain PCI DSS and FedRAMP compliance, including documentation, audits, and process improvements
• Oversee the company’s security infrastructure, including cloud security, endpoint protection, identity and access management (IAM), and incident response
• Conduct risk assessments, vulnerability management, and threat analysis to mitigate security risks proactively
• Lead the Security Operations Center (SOC) and collaborate with DevOps teams to ensure effective security monitoring and incident response
• Implement security awareness training programs to educate employees on best security practices
• Work with legal, compliance, and regulatory teams to ensure adherence to industry regulations
• Lead third-party security assessments and manage security relationships with vendors and partners
• Establish and track key security metrics to measure and improve security performance
• Stay up to date with emerging security threats, vulnerabilities, and regulatory requirements

Preferred Qualifications

• Hands-on experience with FedRAMP
• Experience working in high-growth tech startups or SaaS environments
• Hands-on experience with security tools and platforms such as SIEM, IDS/IPS, WAF, and endpoint security solutions
• Knowledge of API security, penetration testing, and security best practices for microservices
• Experience in developing and implementing security policies and governance frameworks

Benefits

• Completely remote work and flexible working hours
• Competitive salary and bonuses
• Paid days off
• Medical insurance
• Working equipment
• Professional development and career growth