- Company Name: TRYBE
- Job Title: Compliance Manager
- Job Description:
Job title: Compliance Manager
Role Summary: Own and continuously improve the company’s Information Security Management System (ISMS) and oversee all security, privacy, and fiscal compliance programs across multiple jurisdictions. Lead ISO 27001 implementation, internal audit cycles, and readiness for recertification while driving U.S. data security initiatives (HIPAA) and European fiscal obligations (NF 525, other EU markets). Collaborate cross‑functionally to embed compliance into engineering, operations, finance, and customer success workflows.
Expectations:
- Demonstrate proactive ownership of the ISMS and all compliance domains.
- Deliver measurable improvements in security posture, audit readiness, and regulatory fulfilment.
- Demonstrate strong stakeholder influence and a results‑oriented, hands‑on approach.
Key Responsibilities:
1. Manage the end‑to‑end ISO 27001 ISMS, maintaining alignment with the standard and driving continual improvement.
2. Lead internal audits, risk assessments, corrective actions, and surveillance activities for ISO 27001 recertification.
3. Develop, author, and maintain policies, procedures, and documentation covering security, privacy, and compliance.
4. Oversee U.S. data security and privacy compliance, progressing the organization toward HIPAA readiness.
5. Manage European fiscal compliance: lead NF 525 certification efforts in France and monitor compliance across other EU markets.
6. Partner with Engineering, Operations, Finance, and Customer Success to embed compliance controls into business processes.
7. Conduct vendor, customer, and internal compliance reviews; respond to due‑diligence questionnaires and RFP security requirements.
8. Support incident response planning, testing, and continuous refinement.
9. Provide training and awareness programs to reinforce a compliance culture.
10. Serve as the internal subject matter expert on security, privacy, and fiscal compliance, staying current on evolving standards and threats.
Required Skills:
- Proven experience managing an ISO 27001 ISMS end‑to‑end.
- ISO 27001 Lead Implementer, Lead Auditor, or equivalent certification.
- Practical knowledge of U.S. data security practices; familiarity with HIPAA.
- Experience with European fiscal compliance, ideally NF 525 exposure.
- Strong understanding of compliance frameworks, risk management, and internal control systems.
- Excellent documentation and attention to detail.
- Cross‑functional collaboration and stakeholder influence at all levels.
- Problem‑solving mindset with a proactive, can‑do attitude.
- Ability to thrive in a fast‑paced, scaling environment.
Required Education & Certifications:
- Bachelor’s degree in Information Security, Business Law, Finance, or related field.
- ISO 27001 Lead Implementer and/or Lead Auditor certification.
- Additional certifications in security/privacy (e.g., CISSP, CISA, CISM) and fiscal compliance (e.g., NF 525, French fiscalisation) are desirable.