Security & Compliance Consultant (Mid-Senior level)
RunwayExtenders
Our Mission, Your Success:
We connect professionals with top U.S. start-ups, helping talented individuals build successful careers. Our goal is to create exclusive career opportunities while attracting, retaining, and developing the best talent.
Our Client, Your Impact!
Our well-funded US client is a leading team of experts that delivers flexible IT services and is trusted by growing businesses like yours. They bridge the gap between IT and people by offering support tailored to the needs of growing businesses, and they make employees' lives easier through technology.
Responsibilities:
- Lead end-to-end compliance engagements as the primary client advisor, driving readiness across frameworks such as SOC 2, ISO 27001, GDPR, HIPAA, PCI DSS, HITRUST, and NIST CSF.
- Own audit readiness and execution, including gap assessments, control validation, evidence collection, and direct coordination with auditors to ensure successful, low-friction certifications.
- Assess and manage risk across client environments, identifying gaps, defining mitigation strategies, and implementing governance processes that strengthen security posture and operational resilience.
- Translate complex compliance requirements into clear, actionable remediation roadmaps, enabling client teams to execute effectively and meet audit timelines.
- Drive continuous compliance operations, managing compliance calendars, reporting cadences, renewals, and third-party assessments across multiple client engagements.
- Act as the central liaison between clients, auditors, and vendors, ensuring strong communication, alignment, and seamless delivery of compliance programs.
- Deliver security awareness training and advisory, educating stakeholders on best practices, evolving regulations, and recommending tools (SIEM, EDR, MDM) in collaboration with IT teams.
Technical Familiarity:
Candidates should have a solid understanding of modern security and technology environments, including:
- Cloud platforms such as AWS, Google Cloud Platform (GCP), and Microsoft Azure, with exposure to IAM, network security, and logging.
- Security and compliance tools like Drata, Vanta, Delve, or similar GRC automation platforms.
- Identity and access management solutions, including Okta, Azure AD, and Google Workspace.
- Endpoint security and detection tools (e.g., CrowdStrike, SentinelOne, Huntress) along with MDM solutions such as Jamf, Kandji, or Mosyle.
- Ticketing and collaboration tools (Jira, Asana, Notion, Slack) used for compliance tracking, documentation, and workflows.
- Networking and SaaS security fundamentals, including VPNs, SSO, access reviews, and data protection in distributed environments.
Requirements:
- 5+ years of experience in compliance, audit readiness, or GRC consulting, ideally in a client-facing capacity.
- Demonstrated success leading SOC 2 and/or ISO 27001 readiness engagements from start to finish.
- Strong understanding of information security principles, control frameworks, and risk management methodologies.
- Excellent communication skills, with the ability to effectively advise executives, auditors, and technical teams.
- Strong project management and prioritization skills, with experience managing multiple client engagements simultaneously.
Other Details:
- Working Hours: 6 PM - 2:30 AM (Prishtina, Tirana, Skopje time)
- Private health insurance.
- Access to top-quality office equipment provided by the company.
We are looking for individuals who:
- Are available for full-time engagement.
- Consider this role as their primary professional commitment (main role).
Join our innovative team and contribute to impactful IT solutions that drive progress for our client's team. If you are a motivated self-starter with a passion for IT, systems administration, and operations, we invite you to apply!