Security and Compliance Manager

ZEDEDA makes edge computing effortless, open, and intrinsically secure - extending the cloud experience to the edge. ZEDEDA reduces the cost of managing and orchestrating distributed edge infrastructure and applications, while increasing visibility, security and control. ZEDEDA delivers a distributed, cloud-native edge management and orchestration solution, simplifying the security and remote management of edge infrastructure and applications at scale. 
ZEDEDA ensures extensibility and flexibility by utilizing an open partner ecosystem with a robust app marketplace and leveraging an open architecture built on EVE-OS, from the Linux Foundation. ZEDEDA delivers instant time to value, has thousands of nodes under management and is backed by world-class investors with teams in the US, Germany and India. For more information, visit www.zededa.com

Security and Compliance Manager ZEDEDA is seeking an experienced and highly motivated Security and Compliance Manager to join our team. In this role, you will be responsible for developing, managing, and implementing security and compliance policies and procedures. You will be working closely with relevant stakeholders to ensure that ZEDEDA is fully compliant with various regulations, including SOC 2, ISO 27001, GDPR, CCPA, and others.

Responsibilities

• Implement and maintain ZEDEDA compliance initiatives and audits (SOC 2, ISO 27001, GDPR, etc.).
• Manage the annual compliance audit with internal teams and external auditors.
• Obtain, review and validate audit evidence.
• Develop, execute, and maintain security policies and procedures for compliance.
• Lead security training across the organization.
• Perform vendor and third-party security assessments.
• Consult on customer security requirements.

Technical Requirements

• Bachelor’s degree in computer science or related field
• Cyber Security, Information Security, or related field experience
• 10 years of work experience, with 5+ years of security compliance or audit-related experience in the tech industrySOC 2, ISO 27001, or GDPR auditing, or implementation experience is preferred.
• Experience managing security compliance audits of cloud environments is a plus.
• Certification preferred in one or more of the following: CISSP, CISM, CRISC, CISA, CSA Cloud platforms (AWS, Azure, or GCP)
• Experience with Vanta is a plus
• Excellent written and verbal communication skills
• Self-starter and comfortable working in a small team with cross-organizational responsibilities
• Strong understanding of Cloud environments, Linux systems, and managing access in an IT environment.

Day to Day Activities

• Reviewing the vulnerabilities security scan tools and managing the lifecycle towards closure.
• Reviewing the security practices of different products and ensuring compliance with corporate policies.
• Assisting sales in the RFE process for any security questionnaire for the sales process.
• Preparing for annual SOC, ISO audit periodsResponding to customer audit requestsReviewing contracts to minimize/mitigate risk exposure.
• Regularly reviewing and updating security policies and procedures and convening meetings with relevant stakeholders.
• Improving previous activities through progressive improvements in audits and reviews.
• Providing regular training and briefing on security and compliance topics and documenting meetings for evidence in audits.
• Keeping up with the latest trends, news, tools, and attending webinars and conferences to increase confidence in our systems and processes.
• Identifying and managing risks, maintaining regulatory and compliance calendars, and ensuring organizational compliance.
• Driving the ISO process and working with department stakeholders to gather relevant data for the audit period.
• Driving internal audit processes to ensure compliance with industry standards and regulations.

Pay & Benefits
Zededa’s main compensation philosophy is to provide you with the opportunity to progress as you grow and develop with the company.