Security and Compliance Lead

Corporate Tools

Contract Type:
Not provided

Salary:

110000.00 - 120000.00 USD / Year

Job Description:

We’re on the hunt for a hands-on, sharp-thinking Security & Compliance Lead to level up the physical and operational security of our data center. If you thrive in fast-moving environments, love solving complex problems, and know how to turn policy into action, you’ll fit right in. In this role, you’ll be the go-to expert on everything from physical access controls and compliance standards to threat detection and incident response. You’ll work closely with IT, facilities, and leadership teams to build smart strategies, lead investigations, and keep our data center rock-solid. Think of yourself as part detective, part strategist, part guard dog, helping us stay ahead of threats with layered defenses, real-time monitoring, and a strong culture of security awareness. Whether you’re jumping into a live incident or preparing for the next big audit, you’ll have the autonomy to make smart calls and the trust to follow through.

Job Responsibility:

  • Develop and maintain security policies, standards, and baseline configurations for the data center
  • Enhance layered physical security systems, including CCTV, badge readers, biometrics, and intrusion alarms
  • Manage 24/7 access controls, including visitor management, staff clearances, badge systems, and vendor accreditation
  • Lead risk assessments (e.g., FMEA, threat modeling), identify vulnerabilities, and recommend remediation
  • Ensure compliance with standards like SOC 2, ISO 27001, and PCI DSS; coordinate audits and maintain audit-ready documentation
  • Serve as Incident Commander or key responder for physical breaches, alarms, or policy violations; lead investigations and reporting
  • Maintain and improve incident response playbooks; train staff on protocols and best practices
  • Deploy and manage security monitoring tools (e.g., SIEM, physical access logs) and define KPIs for access attempts and compliance health
  • Deliver regular security reports to leadership and key stakeholders
  • Run training and awareness programs for staff and contractors on physical security and compliance
  • Oversee vendor and third-party compliance through assessments, audits, and contractual reviews
  • Continuously improve security posture by applying industry best practices and staying current on emerging threats and technologies

Requirements:

  • Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, or equivalent experience in security and compliance
  • 5+ years in security, compliance, or audit roles within IT infrastructure or data centers
  • Demonstrable experience managing SOC 2, ISO 27001, PCI DSS, HIPAA, or GDPR compliance
  • Hands‑on familiarity with physical security systems like CCTV, badge control, biometric access, and alarms
  • Deep knowledge of SIEM systems, incident response frameworks, and risk assessment methodologies
  • Comfortable with networking/physical infrastructure concepts: VLANs, firewalls, environmental sensors, racks
  • A great human
  • Strong leadership and interpersonal skills
  • A person who gets things done themselves with or without a team

What we offer:

  • 100% employer-paid medical, dental and vision for employees
  • Annual review with raise option
  • 22 days Paid Time Off accrued annually, and 4 holidays
  • After 3 years, PTO increases to 29 days. Employees transition to flexible time off after 5 years with the company—not accrued, not capped, take time off when you want
  • The 4 holidays are: New Year’s Day, Fourth of July, Thanksgiving, and Christmas Day
  • Paid Parental Leave
  • Up to 6% company matching 401(k) with no vesting period
  • Quarterly allowance: use it to make your remote work setup more comfortable, for continuing education classes, a plant for your desk, coffee for your coworker, a massage for yourself... really, whatever
  • Open concept office with friendly coworkers
  • Creative environment where you can make a difference
  • No dumb benefits like free dog walking on the weekends that snobby hipster places have to make you feel cool, but mathematically won't cost the company much money because you won't use it
  • Trail Mix Bar

Additional Information:

Job Posted:
December 07, 2025

Similar Jobs for Security and Compliance Lead

Lead Security Analyst

Provide technology consulting to external customers and internal project teams. ...
Location: India, Bangalore
Salary: Not provided
Company: Hewlett Packard Enterprise
Expiration Date: Until further notice
Requirements:
  • Bachelor's or Master's degree in Computer Science, Information Security, or related field
  • Minimum 10 years in IT security, with at least 5 years in a leadership role
  • Proven experience with enterprise firewalls (Palo Alto, Fortinet, Check Point)
  • Strong cloud security knowledge (AWS, Azure, Google Cloud)
  • Experience with DDoS mitigation tools (Cloudflare, Akamai, AWS Shield)
  • Proficiency with Burpsuite
  • Hands-on with SIEM, SOAR, EDR, and vulnerability management tools
  • Strong analytical thinking and problem-solving ability
  • Excellent communication and stakeholder management
Job Responsibility:
  • Develop and maintain the IT security roadmap aligned with cloud and enterprise infrastructure
  • Lead security design reviews for new systems, services, and cloud deployments
  • Deploy, configure, and manage network security appliances (e.g., next-gen firewalls, IDS/IPS, WAF)
  • Implement cybersecurity protocols including endpoint protection, identity management, and access control
  • Design and operate DDoS protection mechanisms for critical systems
  • Enforce security measures across public, private, and sovereign cloud environments
  • Monitor and audit cloud configurations for compliance with ISO 27001, NIST, CIS, etc.
  • Lead threat modeling, risk assessments, and vulnerability management
  • Oversee incident detection, response, and recovery processes
  • Ensure compliance with GDPR, HIPAA, PCI-DSS, and other regulations
What we offer:
  • Health & Wellbeing benefits
  • Personal & Professional Development programs
  • Unconditional Inclusion environment
  • Comprehensive suite of benefits supporting physical, financial and emotional wellbeing
Job Type: Fulltime

Security Lead – Cloud & IT Security

HPE Operations is our innovative IT services organization. It provides the exper...
Location: India, Bangalore
Salary: Not provided
Company: Hewlett Packard Enterprise
Expiration Date: Until further notice
Requirements:
  • Bachelor's or Master's degree in Computer Science, Information Security, or related field
  • Minimum 10 years in IT security
  • At least 5 years in a leadership role
  • Proven track record in deploying and managing enterprise firewalls (e.g., Palo Alto, Fortinet, Check Point)
  • Strong knowledge of cloud security for AWS, Azure, and/or Google Cloud
  • Experience with DDoS mitigation solutions (e.g., Cloudflare, Akamai, AWS Shield)
  • Experience with Burpsuite
  • Hands-on knowledge of SIEM, SOAR, EDR, and vulnerability management tools
  • Strong analytical thinking
  • Problem-solving ability
Job Responsibility:
  • Develop and maintain the organization's IT security roadmap aligned with cloud and enterprise infrastructure
  • Lead security design reviews for new systems, services, and cloud deployments
  • Deploy, configure, and manage network security appliances including next-generation firewalls, IDS/IPS, and web application firewalls
  • Implement and maintain cybersecurity protocols, including endpoint protection, identity management, and access control policies
  • Design and operate DDoS protection mechanisms to ensure availability of critical systems
  • Implement and enforce security measures in public, private, and sovereign cloud environments
  • Monitor and audit cloud configurations to ensure compliance with industry standards (ISO 27001, NIST, CIS, etc.)
  • Lead threat modeling, risk assessment, and vulnerability management initiatives
  • Oversee incident detection, response, and recovery processes to minimize business impact
  • Ensure adherence to regulatory and compliance requirements such as GDPR, HIPAA, PCI-DSS
What we offer:
  • Health & Wellbeing benefits
  • Personal & Professional Development programs
  • Unconditional Inclusion environment
  • Comprehensive suite of benefits supporting physical, financial and emotional wellbeing
Job Type: Fulltime

Country Security Lead

The Country Security Lead (CSL) for ASML China acts as the local representative ...
Location: China, Shanghai
Salary: Not provided
Company: ASML
Expiration Date: Until further notice
Requirements:
  • Minimum of 10 years (Information) Security experience
  • Minimum of 8 years experience with physical security
  • Minimum of 5 years IT working experience
  • Able to engage with Senior Leadership in China
  • Ability to build strong, trusting relationships with technical and non-technical user base
  • Highly-motivated, with a strong work ethic and able to work effectively under minimal supervision
  • Excellent verbal and written communication skills in English and Mandarin
  • Excellent multi-tasking skills
  • Enterprise Security risk expertise: Strong understanding of risk frameworks, strategic security risk mgt, policy management, and business continuity management
  • Security Risk mitigation & advisory: Ability to identify, assess, manage and monitor security risk mitigation strategies at a country level
Job Responsibility:
  • Responsible for managing the China security organization on behalf of the CISO of ASML, driving the development and delivery of security services in China
  • Challenge and verify the adequate performance of security controls in China, against ASML and China risk appetite and as executed by the first line of responsibility in the sectors in China
  • Execute the central security strategy as determined by the CISO and add country-specific aspects to it to improve security maturity
  • Collaborate with the 1st line sector SRMs to identify, assess and mitigate security risks, overseeing and reporting via the China Virtual Security Team (VST)
  • Identify improvement opportunities together with the 1st line sector SRMs and the 2nd line team in terms of processes and activities
  • Provide necessary support for improvements and act in a pivotal role to bring (security) teams together where needed
  • Oversee the development of country-specific response plans, assuring the timely and thorough handling of security incidents under coordination of the central Security Operations Centre
  • Ensure adherence to centrally determined or country-specific laws and regulations related to information security
  • Act on behalf of the CISO of ASML and work closely together with the 1st line country SRMs to define and execute a joint security roadmap for China
  • Assure the capabilities as required by the central Second Line Security, Intelligence Fusion Centre and Security Operations Center teams are developed and maintained, as well as organizing Security activities related to risk culture and awareness initiatives
Job Type: Fulltime

Security Chapter Lead

Lead our security strategy, governance, and operations across a consortium-based...
Location: Luxembourg, Leudelange
Salary: Not provided
Company: Sopra Steria
Expiration Date: Until further notice
Requirements:
  • Bachelor's degree in Information Security, Computer Science, or related field
  • CISSP, CISM, CISA preferred
  • 10+ years of experience in information security
  • Strong knowledge of security frameworks (NIST CSF, CIS Controls, OWASP Top 10)
  • Proven leadership of cross-functional security teams in complex environments
  • Excellent communication, stakeholder management, and decision-making skills
Job Responsibility:
  • Define and execute the organization's security strategy, roadmap, and governance framework
  • Lead and organize the Security Office, collaborating with cross-functional squads and chapters
  • Establish and enforce security policies, standards, and compliance with regulations
  • Drive security architecture, engineering, and adoption of security-by-design principles
  • Oversee security awareness, training programs, and promote a culture of security-first thinking
  • Ensure compliance with regulatory and contractual security requirements
  • Lead security operations, monitoring, and incident response, including the Security Incident Response Team
What we offer:
  • Access to Sopra Steria training and personal development academy
  • Company car lease or mobility budget
  • Company laptop and mobile phone
  • Private health insurance coverage
  • Meal vouchers
  • Social security and pension plan
  • Competitive salary
  • 26 holiday days
Job Type: Fulltime

Senior Information Security Compliance Analyst

We're looking for a technically grounded Senior IS Compliance Analyst who speaks...
Location: United States, Chicago
Salary: 90000.00 - 130000.00 USD / Year
Company: Blume Global
Expiration Date: Until further notice
Requirements:
  • Hands-on experience in technical security roles such as Security Operations, Incident Response, Security Analysis, penetration testing, or similar
  • Practical knowledge of security tools, SIEM platforms, vulnerability management, and security monitoring, and ability to read and understand security logs, configurations, and technical documentation
  • 6+ years of total experience with significant time in GRC
  • Working knowledge of ISO 27001, NIST frameworks, SOC 1/2, and GDPR requirements
  • Experience developing and implementing information security policies and controls
  • ISO 27001:2022 Lead Implementer and Lead Auditor certification
Job Responsibility:
  • Lead technical security assessments and integration of acquired companies, mapping their security architectures and controls to our GRC frameworks, identifying gaps, and building remediation roadmaps that address both technical security and compliance alignment
  • Bridge technical security and business stakeholders by evaluating risks through a technical lens, working alongside security engineering teams to translate GRC requirements into practical security measures, and communicating effectively across technical and non-technical audiences
  • Develop and harmonize security policies and control frameworks across acquired entities, ensuring they're both audit ready and operationally sound, while translating between technical security requirements and governance documentation
  • Own customer security questionnaire responses by leveraging your hands-on security background to provide detailed, accurate answers and collaborating with infrastructure, application security, and operations teams to gather technical evidence
  • Drive continuous improvement of our GRC program through technical security enhancements, meaningful security and compliance metrics, and process improvements that increase both control effectiveness and operational efficiency
What we offer:
  • health and welfare benefits
  • tuition assistance
  • 401K savings and other retirement programs
  • employee assistance programs

Health, Safety and Security Lead

Safeguarding People, Places, and Standards Across Every Site. As Health, Safety ...
Location: United Kingdom, Birmingham, Bristol, Leeds, Manchester, Marlow, South Coast
Salary: Not provided
Company: Softcat
Expiration Date: Until further notice
Requirements:
  • A strong and effective communicator, who can influence management and executives
  • Degree/qualifications in Health and Safety Management/NEBOSH/IOSH Level 6 or above would be desirable
  • Updated understanding of health and safety principles with proven technical skills in occupational safety and health disciplines would be beneficial
  • Proficiency in H&S Software & tools would be beneficial
  • Proven experience in H&S roles within construction/engineering/facilities/offices
  • Strong knowledge of updated health and safety legislation, regulations, and industry standards
  • Proven Management and problem solving skills would be advantageous
Job Responsibility:
  • Overseeing health, safety, and security compliance, training, investigations, risk management, emergency response, and global safety systems, enforcing Softcat's policies regionally
  • Developing and communicating security protocols, access control standards, technical solutions, and emergency preparedness, liaising with local authorities as needed
  • Leading the development of a strong Health & Safety culture, collaborating on policy with Legal and HR, and ensuring compliance with all relevant legislation and ISO standards
  • Creating and implementing project-specific health & safety strategies, conducting risk assessments (GRA, FRA, DSE, DDA), and maintaining accident management and reporting tools
  • Managing daily safety and security operations, audits, third-party consultants, and contract security personnel across UK and international offices
  • Coordinating with internal teams and stakeholders, delivering training, managing insurance risk, and supporting business continuity, crisis management, and compliance initiatives
What we offer:
  • Pension
  • Share incentive plan
  • Life Assurance
  • Healthcare
  • Holiday
  • Trips
  • Vouchers
  • Partner/family Benefits
  • Perklife
  • Maternity, Paternity and Adoption support
Job Type: Fulltime

Security Compliance Officer

As an IT compliance manager, you are part of the information security team. This...
Location: Netherlands, Diemen
Salary: Not provided
Company: Randstad
Expiration Date: February 28, 2026
Requirements:
  • Bachelor's degree in Information Technology, Cybersecurity, or a related field
  • Certified Lead Auditor in ISO 27001:2013 or 2022 standard
  • At least 5 years of experience in conducting internal audits and implementing information security best practices
  • Strong understanding of information security principles, controls, and frameworks
  • Basic understanding and some experience in Third-Party Risk Management (TPRM) is preferred but not mandatory
  • Excellent communication and interpersonal skills, with the ability to collaborate effectively with diverse teams
  • Able to prepare concise reports for senior management, including C-level
  • Proficiency in relevant tools and technologies related to information security auditing
  • Good command of the English language
  • Excellent analytical skills
Job Responsibility:
  • Improve Information security 2nd line of defense role at Randstad Global, in overseeing risk and monitoring of IT and IS related first-line-of-defense controls in our Operating Companies/markets
  • Conduct periodic internal compliance reviews / audits to assess and enhance the effectiveness of the information security management system of operating companies/markets, adhering to ISO 27001 standard
  • Ensure compliance with regulatory requirements and industry best practices
  • Perform gap analysis to evaluate the effectiveness and compliance of operational processes with our corporate security policies and guidelines, and provide recommendations to identify areas for improvement, with proposed remediation
  • Provide guidance to our colleagues located globally in becoming compliant with our control frameworks
  • Prepare comprehensive audit reports, highlighting findings and recommendations for improvement
Job Type: Fulltime

Information Security Risk Lead

The Information Security Risk Lead is responsible for driving efforts to support...
Location: Thailand, Bangkok
Salary: Not provided
Company: Citi
Expiration Date: Until further notice
Requirements:
  • Master’s/Bachelor’s/University degree or equivalent experience in Computer Science, Cyber Security, Computer/Information Engineering, Information Technology or a related discipline is preferred
  • One or more industry-recognized cybersecurity-related certifications such as CISSP, CISA, CISM, CRISC, ISO 27001
  • 6 - 10 years or above of relevant experience in Cyber Security Management / Cyber Security Operations / Technology Risk Management / Third-party Risk Management or IT Audit, preferably with experience gained from banking / finance services industry / consultancy / control compliance or legal disciplines
  • Experience in assessing cyber regulatory compliance from BOT, SEC etc.
  • Strong understanding of International Standards/Frameworks such as: NIST, ISO 27001 series, COBIT, CIS, GDPR, DORA, etc.
  • Proficient in interpreting and applying policies, standards and procedures
  • Excellent project management and organizational skills (PMP, PRINCE2, etc. is a plus)
  • Strong consultation, report writing and communication skills with high proficiency in both spoken and written English and Thai
  • Thai language fluency is a must.
Job Responsibility:
  • Manage and validate deliverables of all Information Security (IS) programs, ensuring closure per agreed timelines and goals
  • Engagement with local regulators BOT, SEC, TB-CERT, Thai-CERT, MDES, NCSA, etc. on IS related matters
  • Manage regulatory exams and internal & external audits
  • Work closely with Global & Regional Information Security teams to improve processes and reduce risk, and support the IS regulatory related activities for Thailand
  • Manage internal/external resources to organize cyber-attack simulations exercise, coordinating and overseeing vulnerability, mitigation/remediation/correction action plans, and issues management process
  • Accountable for delivery of the associated remediation from regulatory assessments
  • Proficiency in preparing periodic updates / reports / presentation deck for both internal stakeholders and regulators
  • Provide timely and appropriate updates to regional and global stakeholders; escalate issues in a timely manner to senior management
  • Build and develop partnerships with business, IT, risk, compliance, IS, senior management staff and stakeholders
Job Type: Fulltime