Job Description
About the Team
Our Security & Compliance Program ensures that airSlate meets its security and regulatory obligations across the company. Our work includes preparing for SOC 2 and HIPAA audits, maintaining internal security policies and documentation, supporting the compliance management platform and product Trust Centers, managing our Information Security Risk Register, completing security questionnaires for customers and prospects, and conducting vendor security assessments. We collaborate closely with Engineering, IT, Legal, and Customer-facing teams to support a strong and scalable security posture as the company grows.
And now, we are looking for a Security Program Manager who is prepared to contribute to the next chapter of our company's growth. You'll drive the day-to-day operations of our security and compliance programs, manage the implementation and optimization of compliance automation tools, coordinate cross-functional activities, and ensure our programs remain organized and effective as the company scales.
What you will be working on:
Collaborate with cross-functional teams to maintain and improve the company's comprehensive compliance program (SOC 2 Type II, NIST CSF 2.0, HIPAA, PCI DSS).Manage the end-to-end audit process for SOC 2 compliance, ensuring timely and accurate completion.Serve as a liaison between Information Security, IT, DevOps, Legal, HR, and Finance to facilitate planning, implementation, and oversight of relevant controls and requirements.Monitor and refine organizational controls to ensure ongoing compliance and risk mitigation.Support Sales efforts by providing documentation and insights on the company's Security Program and compliance processes for RFPs and enterprise projects.Support Customer Success in customer due diligence reviews of airSlate's controls and security posture, ensuring transparency and trust.Oversee the Information Security Risk Management Program, documenting identified risks, coordinating mitigation efforts, and securing risk owner signoff.Conduct security assessments of new and existing vendor relationships.Manage and maintain the company's Vanta platform, ensuring accurate and up-to-date program documentation, review coordination, and updates.Manage and monitor security awareness training for all personnel.What we expect from you:
A minimum of 4-5+ years of experience in Information Security, Compliance, Product Security, or Security Program Management roles.Practical knowledge of security frameworks and standards (SOC 2 Type II, NIST CSF 1.1/2.0, ISO 27001, etc.) and risk analysis.Analytical skills to understand objectives, evaluate risks and controls, and accurately document them.Experience managing programs or complex/multiple projects in a fast-paced, dynamic environment.Ability to build strong relationships with cross-functional teams and external stakeholders.Strong self-starter with a mentality that enables independent work with minimal supervision.High degree of personal integrity and attention to detail.Excellent written and verbal communication skills.Proficiency in English (B2-C1).Nice to have:
A degree in Computer Science, Information/Cyber Security, or a related field.Experience with Vanta and other automation platforms.