Security Compliance Manager

Position Overview

The Security Compliance Manager is a hands-on individual contributor responsible for the operational execution validation and continuous monitoring of security controls across the organization. This role ensures that security policies are not only defined but implemented in practice measurable and audit-ready across all business units products and environments. The role works closely with R&D IT Product and business teams.

Key Responsibilities

• Execute and maintain the security compliance program across frameworks including ISO 27xxx SOC 2 DORA and emerging standards such as ISO 42001 CRA and EU AI Act.
• Own the control validation process ensuring controls are implemented both in policy and in practice.
• Maintain and operate the central control repository including control status ownership evidence and field implementation.
• Collect review and validate audit evidence. Coordinate internal and external audits from preparation through remediation tracking.
• Track and report compliance gaps drive remediation and follow up until closure including maintaining a structured remediation backlog across R&D IT and business units.
• Work with control owners across R&D IT and business units to ensure alignment and accountability.
• Monitor compliance posture and provide regular reporting and dashboards to the CISO.
• Support third-party and customer compliance requests by providing accurate control and evidence information.
• Support compliance aspects related to AI systems and usage including alignment with internal AI security guidelines and emerging AI regulations.

Requirements

• 3 to 5 years of experience in information security compliance or audit.
• Hands-on experience with security control assessments and evidence validation.
• Strong knowledge of ISO 27xxx SOC 2 GDPR and DORA.
• Experience working with GRC tools or control management platforms.
• Understanding of technical environments including cloud applications infrastructure and security controls.
• Ability to manage a structured remediation backlog and drive closure across multiple stakeholder teams.
• Strong attention to detail with the ability to track and manage multiple controls and requirements simultaneously.
• Excellent written and spoken English. Strong communication skills with senior and cross-functional stakeholders.
• Proven ability to execute follow through and ensure closure of compliance activities.

Advantages

• Familiarity with AI-related regulations such as ISO 42001 CRA or the EU AI Act.
• Experience with AI governance or AI security compliance programs.
• Relevant certification such as CISA ISO 27001 Lead Auditor or equivalent.

Sapiens is an equal-opportunity employer. We value diversity and strive to create an inclusive work environment that embraces individuals from diverse backgrounds.