Cybersecurity and Global Risk and Compliance Manager

Who We Are

At Platform Science, we’re working to connect everything that moves. Founded in 2015, we are an open IoT platform that partners with innovative fleets, application developers, vehicle manufacturers, and equipment providers in the transportation industry to deliver revolutionary solutions to supply chain professionals across the globe.

Our employees are an engaging, diverse group of people who believe in the power of great ideas. We hire people with different experiences and perspectives to build a company culture that fuels growth through innovation. We value thoughtful actions and empathy for others. We approach challenges with resiliency and creativity, while encouraging transparency because, no matter our backgrounds or responsibilities, we are one team.

About the Role

We are seeking an experienced Cybersecurity and Compliance Manager to lead and oversee compliance efforts related to SOC2 and ISO standards across our SaaS business. The ideal candidate will be a subject matter expert (SME) in compliance management, cybersecurity, and privacy regulations, with a focus on ensuring ongoing certification and audit readiness. This role will be key in maintaining our company's leadership in cybersecurity within the telematics industry and supporting newly acquired teams and technologies.

Essential Responsibilities

• SOC2 and ISO Compliance Management: Oversee and manage the SOC2 and ISO compliance processes throughout the year, ensuring continuous readiness and maintaining certification status. Committees include but not limited to:
• 3rd Party Compliance Manager
• Data Protection Committee lead
• AI/ML Committee member
• Cybersecurity Steering Committee member
• Red Team member
• Audit Supervision: Serve as the point of contact for SOC2 and ISO audits, working closely with external auditors and internal teams to ensure successful audit completion.
• Cadence Management: Week-to-week management of key compliance activities and cadence items to maintain and improve compliance posture.
• Policy Review and Updates: Regularly review, update, and improve security and privacy policies to ensure they align with the latest industry standards and regulatory requirements, including GDPR and US privacy laws.
• Evidence Collection Automation: Act as the SME in automating and streamlining evidence collection for audits and compliance processes.
• Acquisition Integration: Lead the onboarding of newly acquired businesses into our SOC2 and ISO compliance framework, ensuring a smooth transition and full integration into existing processes.
• GDPR and Privacy Compliance: Ensure the business stays compliant with evolving GDPR and US privacy regulations, advising internal stakeholders on necessary changes or improvements.
• Consulting for IT and Security Teams: Provide SME guidance to IT for the onboarding of newly acquired Windows environments and support the integration of mobile device management for new PC users.
• Continuous Improvement of Cybersecurity and Privacy Posture: Work with cross-functional teams to identify opportunities to improve cybersecurity posture, response, and compliance to include tooling, automation, workflows, and testing.
• SOC Point of Contact: POC for external SOC provider, liaison with internal teams, track findings and mitigations; work with internal teams to develop timelines and SLA’s for resolving posture findings. Provide SME in onboarding of vendor.
• Acquisition Cyber Workstream: Provide subject matter expertise in merging acquisition employees into our cybersecurity framework (endpoint, firewall, IAM, etc.)
• Cybersecurity Leadership: Collaborate with cross-functional teams to ensure best practices in cybersecurity are maintained across all business areas, including acquisitions and newly integrated environments.

Experience

• Proven experience managing SOC2 and ISO 27001 compliance in a SaaS or technology company.
• Strong knowledge of GDPR, US privacy laws, and evolving global privacy requirements.
• Expertise in audit management, including serving as a primary point of contact for external auditors.
• Experience with evidence collection automation and managing compliance cadence activities.
• Ability to integrate newly acquired teams and systems into existing security and compliance processes.
• Experience working with Windows environments and mobile device management for PCs.
• Strong communication and leadership skills, with the ability to work across departments and with external stakeholders.
• Preferred Qualifications:
• Certifications such as CISSP, CISM, ISO 27001 Lead Implementer/Auditor, or equivalent.

Platform Science Benefits Highlights

The company offers various benefits to regular, full-time employees including:

• Medical, dental, and vision insurance
• Short-term and long-term disability insurances
• AD&D and life insurance
• 401k plan
• Paid vacation, sick leave, and holidays
• Six weeks of paid parental leave

For more information please see the Benefits Highlights brochure for regular, full-time employees.

This is an exempt role. Our job titles for each posting may span across more than one job level. The estimated base salary for this role is between $148,384 and $195,000 . The range displayed on each job posting reflects the minimum and maximum target range for new hire base salaries across all US locations. Compensation packages are based on many factors unique to each candidate, including but not limited to skill set, work experience, relevant trainings and certifications, business needs, market demands, and specific geographical location. The base pay range is subject to change and may be modified in the future. This role may also be eligible for bonus, equity, and benefits.

Beware job scams! Our recruiters use @platformscience.com emails only. We don’t interview via text/message. We don't ask for software downloads (except Zoom) or sensitive info (like SSN/bank). Suspect fraud? Report it to law enforcement &