Security Compliance Manager

Working with the Senior Director of Information Security, the Compliance Manager role at Level Access will be responsible for ensuring that the organization adheres to legal standards, compliance frameworks and internal policies related to information security and data protection, helping Level Access meet its goal of being the most secure company in digital accessibility. Primary responsibilities include supporting FedRAMP Authorization; supporting SOC 2 and ISO 27001 compliance; supporting cyber insurance and contractual security requirements; supporting privacy compliance; providing support with second-party audits; and helping monitor and maintain acceptable levels of risk.

• Compliance Management: Implement and monitor regular compliance activities, ensure corrective actions are implemented in a timely manner, and work with cross-functional teams to maintain compliance with established controls.
• Metrics, Reporting, and Automation: Establish and maintain vulnerability and compliance metrics and reporting mechanisms utilizing automation and tools to streamline compliance processes and ensure timely and accurate reporting.
• Third Party Audits: Coordinate and lead customer and third-party audits to ensure compliance with ISO 27001, SOC 2, and other applicable standards and regulations, acting as the primary point of contact for auditors and facilitate the audit process.
• Internal Audit: Run and conduct the internal audit program to validate key controls and facilitate external compliance objectives.
• Verification and Review: Coordinate annual verification activities such as external assessments, business continuity testing, and business impact analysis to validate key controls and identify deficiencies.
• Vendor Management: Perform security and privacy vetting of proposed and incumbent vendors to handle risks through supplier relationships.
• Tactical Projects: Oversee tactical projects to mitigate risk, enhance compliance, facilitate business operations, or enhance efficiency.
• Documentation: Develop and retain control documentation and other documentation to facilitate compliance and communicate requirements.

1. Bachelor's degree in a business or technical field and three to five years of experience, or equivalent work experience of four to six years.
2. Familiarity with security or compliance standards such as ISO 27001, AICPA SOC 2 or ISO 9001.
3. Exposure to technical disciplines such as ITSM, software development, infrastructure or computer networks.
4. Keen proponent of formal business processes, with a bias towards automation.
5. Analytical and problem-solving skills, with the ability to prioritize and handle various tasks in a fast-paced environment.
6. Good communication and interpersonal skills, with the desire to work collaboratively.
7. Attention to detail and a proactive approach to identifying and mitigating risk.

1. Interest or prior experience within information security and data privacy
2. Security certifications and/or formal education
3. Understanding of web accessibility

If you are hardworking and are looking for an opportunity to be a part of a growing SaaS a11y company, we encourage you to apply for this role! This is a full-time salaried position with a competitive benefits package, including medical insurance, unlimited vacations/FTO. Salary is commensurate with experience. Please submit your cover letter and resume in English for immediate consideration!

Level Access is committed to workforce diversity. Equal Opportunity Employer. Copyright 2025, Level Access. All rights reserved.