Compliance Program Manager

Company Description

At Revalize, we build the software and technology that powers sales of manufactured, complex products. Our customers rely on our software to select and sell everything from commercial ovens, to specialized pumps and valves, to grain elevators, and more. We are the global leader in sector-specific software solutions that help manufacturers optimize revenue operations through design applications, engineering simulations, product selection, CPQ, PIM, visualization, and data analytics.

Headquartered in Jacksonville, FL, we serve over 10,000 customers across the globe.

Revalize is a portfolio company of TA Associates and Hg.

Job Description

The Compliance Program Manager will oversee and maintain ISO 27001:2022 and SOC 2 compliance across multiple brands and products, ensuring alignment with security, risk, and legal requirements. They will coordinate audits, manage remediation efforts, and work closely with cross-functional teams to implement security controls. Additionally, they will track evolving regulations, advise leadership on risk posture, and enhance compliance processes.

Key Responsibilities:

• Lead ISO 27001:2022 and SOC 2 audits, ensuring continuous compliance.
• Manage compliance roadmaps across multiple business units.
• Collaborate with security, legal, and IT teams on risk mitigation.
• Oversee third-party vendor security assessments.
• Develop policies, procedures, and training for compliance awareness.

Qualifications

Requirements:

• 5-6 years of experience managing compliance programs for ISO 27001:2022 and SOC 2 in a corporate environment.
• Proven ability to oversee complex programs spanning multiple brands and products.
• Strong knowledge of risk management, audit processes, and regulatory frameworks.
• Experience working cross-functionally with security, legal, and engineering teams.
• Excellent project management and stakeholder communication skills.
• Ability to manage third-party auditors and compliance assessments.

Nice-to-Haves:

• Experience with additional frameworks (e.g., NIST, GDPR, HIPAA).
• CISSP, CISA, or other relevant certifications.
• Knowledge of cloud security compliance (AWS, Azure, GCP).
• Experience in a multinational or highly regulated industry.
• Familiarity with GRC tools and automation for compliance tracking.
• Ability to develop training programs for compliance awareness.

Additional Information

All your information will be kept confidential according to EEO guidelines. Qualified applicants will be asked to complete a 30-minute online assessment as a part of your application.