IT & Information Security Compliance Manager (Automation & Certifications)
1Kosmos · Edison, NJ · 1 mo ago
LegalFull-time
Key Responsibilities
- Lead and maintain enterprise security and compliance programs aligned with SOC 2, ISO 27001/27002, FedRAMP High, and NIST 800-53/171 frameworks.
- Build and manage automated compliance monitoring and evidence collection through Drata, Vanta, or equivalent platforms; integrate these with internal systems (ticketing, HRIS, cloud providers, etc.).
- Prepare for and manage SOC 2 Type I/II, ISO audits, and FedRAMP readiness assessments: gap analysis, documentation, remediation, and control testing.
- Partner with IT Operations and Engineering to ensure security controls are embedded in infrastructure, cloud, network, and identity systems.
- Maintain and update security policies, SSPs, POA&Ms, and other audit documentation.
- Oversee incident response, change management, and vendor risk programs to ensure consistent compliance coverage.
- Manage relationships with external auditors and compliance assessors.
- Define and track metrics for audit readiness, risk posture, and compliance automation efficiency.
- Stay current with evolving compliance frameworks and technologies that can improve assurance automation.
- Champion security awareness, training, and continuous improvement across the organization.
Qualifications
- Must-Have: 6 + years of experience in IT security, compliance, or risk management within a SaaS or regulated technology environment. Proven experience managing SOC 2 and ISO 27001 programs end-to-end; exposure to FedRAMP High or NIST 800-53 is a plus.
- Hands-on use and administration of Drata, Vanta, Tugboat Logic, or equivalent compliance automation platforms.
- Strong technical understanding of security controls: network, endpoint, access, configuration management, logging/monitoring, vulnerability management.
- Excellent documentation and communication skills — able to translate control requirements into clear operational actions.
- Experience leading internal or external audits and managing evidence collection efficiently.
- Based in (or willing to relocate to) Edison, NJ and work on-site with our leadership and operations teams.
Benefits
- Comprehensive health, dental, and vision coverage
- 401(k)
- Paid time off
- Professional development budget
- Certification reimbursement