See more DevOps & Sysadmin jobs →

← Back to all jobs

Security and Compliance Manager - SaaS (Work from Home)

Posted

ScheduleOnce
Headquarters: California
https://www.scheduleonce.com/about

ScheduleOnce (www.scheduleonce.com) is an innovative Software-as-a-Service company that provides a feature-rich scheduling platform to businesses. We are looking for a Security and Compliance Manager to lead our security and compliance efforts and support our rapid growth within the Enterprise market. Candidates should have the potential to serve as ScheduleOnce's top authority on all security and compliance matters.

Please note:

  • ScheduleOnce operates virtually and all employees work remotely from home
  • Urgent security and privacy incidents may require out-of-hours responses, including nights and weekends.

Roles and responsibilities

  • Ensure compliance with security and privacy frameworks (PCI, HIPAA, GDPR, etc.)
  • Define security policies and controls in line with SOC2, ISO27001 and NIST standards
  • Suggest and implement continuous improvements to ScheduleOnce security through an ongoing risk management process
  • Manage security of production and QA environments
  • Manage IT and security of employee devices across a geographically distributed team
  • Develop and deliver training and security awareness programs to employees
  • Provide an information security perspective on compliance with client agreements
  • Develop security policies and standards and ensure they are implemented and followed
  • Ongoing monitoring of the company’s security and compliance health on all fronts
  • Act as a subject matter expert on security and privacy throughout the product development lifecycle
  • Define and manage the company’s security and compliance roadmap

Requirements

  • 2 years of experience in a technical or security role
  • Information security certification is an advantage (CISSP or CISM)
  • Experience with security and privacy frameworks (SOC2, ISO27001, HIPAA, PCI, NIST, CSA, EU Privacy Shield)
  • Experience writing professional requirements and policy documents
  • Experience with cybersecurity concepts, protocols, processes, architectures and tools
  • Excellent English, written and verbal communications skills (Native)
  • Hands-on, fast learner, good team working skills and highly motivated
  • Knowledge of Information Security/Risk Management best practices
  • Understanding of business and technical risk, how to translate between the two and communicate to various levels of technical and business stakeholders

Help us maintain the quality of jobs posted on We Work Remotely. Let us know if this job isn’t really remote.

Apply for this position

jobs1@scheduleonce.com