Project Manager, Compliance and Security
Miratech · Los Angeles, CA · 4 days ago
On-siteDistributionFull-time
Job Description
The role is responsible for managing the Compliance and Security workstream within a complex telecom transformation program. The Project Manager will coordinate SOC 2, ISO/IEC 27001, GDPR, and related security readiness activities across Compliance, Security, IT, Engineering, Network Operations, Architecture, and delivery teams.
Responsibilities
- Build and maintain the Compliance and Security workstream plan, including milestones, deliverables, owners, dependencies, risks, assumptions, and acceptance criteria.
- Cook up SOC 2, ISO/IEC 27001, GDPR, and related audit-readiness activities across business and technical stakeholders.
- Maintain the compliance task registry, ensuring tasks are prioritized, assigned, tracked, and reported.
- Drive evidence-readiness activities, including evidence requests, collection tracking, gap follow-up, and control-owner alignment.
- Support mapping of policies, procedures, and operational practices against relevant compliance and security control requirements.
- Track gaps between documented processes and actual operational execution, especially where evidence is missing or incomplete.
- Coordinate remediation planning across Change Management, Incident Management, Access Management, Vulnerability Management, Asset Management, Logging and Monitoring, Backup and Restore, Business Continuity, Disaster Recovery, and security architecture.
- Facilitate workshops, control reviews, evidence sessions, and stakeholder checkpoints.
- Maintain RAID logs, decision logs, evidence trackers, issue registers, and executive-ready status updates.
- Escalate audit-readiness risks, missing ownership, access blockers, evidence gaps, and scope ambiguities.
- Cook up with adjacent program streams, including network transformation, ITSM, tooling, architecture governance, change governance, and program management.
- Support Change Request preparation where Compliance and Security scope extends beyond the approved program baseline.
Qualifications
- 7+ years of project or program management experience in compliance, security, IT governance, infrastructure, telecom, cloud, or enterprise technology environments.
- Experience managing SOC 2, ISO/IEC 27001, GDPR, or comparable audit-readiness and control remediation initiatives.
- Practical understanding of security controls, evidence collection, audit preparation, control ownership, and remediation tracking.
- Experience coordinating cross-functional teams across Security, Compliance, IT, Engineering, Network Operations, Architecture, and business stakeholders.
- Ability to structure delivery where scope, documentation, ownership, and operational reality are incomplete or evolving.
- Strong experience with RAID management, executive reporting, stakeholder coordination, and dependency management.
- Familiarity with Jira, Confluence, ServiceNow, SharePoint, Microsoft Project, Smartsheet, Azure DevOps, GRC platforms, or similar tools.
- Strong communication skills, with the ability to clarify ownership, challenge assumptions, and drive closure.
- Relevant certifications such as PMP, PRINCE2, Agile, CISA, CISM, CRISC, CISSP, ISO 27001 Lead Implementer, or ISO 27001 Lead Auditor are desirable.
- Nice to have: Experience coordinating evidence across fragmented platforms, acquired entities, or distributed operational teams. Understanding of ITSM, CMDB, observability, security architecture, and operational governance.