Position Overview

The Security Compliance Manager is a hands-on individual contributor responsible for the operational execution, validation, and continuous monitoring of security controls across the organization. This role ensures that security policies are not only defined but implemented in practice, measurable, and audit-ready across all business units, products, and environments. The role works closely with R&D, IT, Product and business teams.

Key Responsibilities

• Execute and maintain the security compliance program across frameworks including ISO 27xxx, SOC 2, DORA and emerging standards such as ISO 42001, CRA, and EU AI Act.
• Own the control validation process, ensuring controls are implemented both in policy and in practice.
• Maintain and operate the central control repository, including control status, ownership, evidence and field implementation.
• Collect, review and validate audit evidence. Coordinate internal and external audits from preparation through remediation tracking.
• Track and report compliance gaps, drive remediation and follow up until closure including maintaining a structured remediation backlog across R&D, IT and business units.
• Work with control owners across R&D, IT and business units to ensure alignment and accountability.
• Monitor compliance posture and provide regular reporting and dashboards to the CISO.
• Support third-party and customer compliance requests by providing accurate control and evidence information.
• Support compliance aspects related to AI systems and usage, including alignment with internal AI security guidelines and emerging AI regulations.

Requirements

• 3 to 5 years of experience in information security, compliance or audit.
• Hands-on experience with security control assessments and evidence validation.
• Strong knowledge of ISO 27xxx, SOC 2, GDPR, and DORA.
• Experience working with GRC tools or control management platforms.
• Understanding of technical environments including cloud, applications, infrastructure and security controls.
• Ability to manage a structured remediation backlog and drive closure across multiple stakeholder teams.
• Strong attention to detail with the ability to track and manage multiple controls and requirements simultaneously.
• Excellent written and spoken English. Strong communication skills with senior and cross-functional stakeholders.
• Proven ability to execute, follow through and ensure closure of compliance activities.

Advantages

• Familiarity with AI-related regulations such as ISO 42001, CRA, or the EU AI Act.
• Experience with AI governance or AI security compliance programs.
• Relevant certification such as CISA, ISO 27001 Lead Auditor, or equivalent.

Sapiens is an equal-opportunity employer. We value diversity and strive to create an inclusive work environment that embraces individuals from diverse backgrounds.