The Compliance Manager leads the global risk and compliance security program, focusing on policy development, compliance audits, and risk assessments in a SaaS environment.
We are seeking a Compliance Manager to contribute to the continued development and growth of our risk management and compliance program. This individual will be responsible for improving a global risk and compliance security program at a fast paced international company. This position serves as the internal compliance manager that will oversee and be responsible for the designing, implementing, supporting and maintaining of policies and security solutions to support ActiveCampaign’s SOC2 and ISO 27001 within a SaaS application environment. The Compliance Manager is responsible for managing and executing several simultaneous initiatives and must be highly organized.
What your day could consist of:
- Champions and leads the ISMS program at an enterprise level, including the development and management of policies and procedures
- Works within the cross-functional team members and departments to internally audit and collect evidence for implemented security controls
- Responsible for working with Customer Success resources to assist with information security questionnaires and RFI’s for customers, partners and vendors
- Development and maintenance of a security and compliance knowledge base, utilized to respond to information security questionnaires and RFI’s
- Prepares metrics on the effectiveness of the compliance programs, including implementation KPIs for initiatives
- Leads the ISO 27001 and SOC2 / Type 2 program, working with internal and external auditors
- Participates as a member of the Incident Response Team (IRT) to assist with oversight as it relates to the ISMS and SOC2 programs
- Schedules and supports third party pen testing, vulnerability monitoring, security audits, and risk assessments
- Audits and regularly evaluates company performance for compliance to information security standards
- Leads the operational risk board and maintains the risk registry
- Performs additional duties as required
- Assists with the development, rollout and delivery of security awareness training
- Works with the Procurement team to perform security related risk assessments within the supplier relationship management program
- Works with Legal new regulations and participates in discussions regarding new compliance needs
What is needed:
- BS in Computer Science, Information Systems, IT or equivalent experience
- 5+ Years’ experience within an information technology/security role supporting cloud-based solutions
- Excellent written and verbal communication skills for effective interaction with team members, customers, partners, and auditors
- Experience with ISMS governance models (such as NIST), information security roles, and creating and implementing security controls ISO, ITIL, NIST, PCI, and SOC
- Strong risk management and auditing experience
- Experience with data privacy regulations such as GDPR and Privacy Shield
- Certification CISSP, CISA, CISM, CompTIA, GSEC, CEH, or similar certification relating to information security preferred
- Experience defining, driving, and executing a program vision with clear milestones
Top Skills
Cloud-Based Solutions
Gdpr
Information Security Solutions
Isms
Iso 27001
Itil
Nist
Pci
Soc2
ActiveCampaign Chicago, Illinois, USA Office
Located in the heart of the Loop overlooking State Street, with views of the lake and Millennium Park with easy access to the Metra & CTA stations.
Similar Jobs
Artificial Intelligence • Healthtech • Professional Services • Analytics • Consulting
Manage the Compliance, Privacy & Risk Practice, focusing on developing capabilities to help clients navigate risks and improve outcomes, while ensuring revenue generation and delivery responsibilities.
Fintech • Machine Learning • Payments • Software • Financial Services
The Senior Manager is responsible for overseeing anti-money laundering compliance controls testing, leading a team, managing compliance processes, and ensuring effective risk management and regulatory adherence.
Top Skills:
Google SuiteMicrosoft Office Suite
Food • Retail • Agriculture • Manufacturing
The HR Compliance Manager will lead compliance strategy, ensure legal adherence, manage policies, and conduct training related to employment regulations in North America.
What you need to know about the Chicago Tech Scene
With vibrant neighborhoods, great food and more affordable housing than either coast, Chicago might be the most liveable major tech hub. It is the birthplace of modern commodities and futures trading, a national hub for logistics and commerce, and home to the American Medical Association and the American Bar Association. This diverse blend of industry influences has helped Chicago emerge as a major player in verticals like fintech, biotechnology, legal tech, e-commerce and logistics technology. It’s also a major hiring center for tech companies on both coasts.
Key Facts About Chicago Tech
- Number of Tech Workers: 245,800; 5.2% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: McDonald’s, John Deere, Boeing, Morningstar
- Key Industries: Artificial intelligence, biotechnology, fintech, software, logistics technology
- Funding Landscape: $2.5 billion in venture capital funding in 2024 (Pitchbook)
- Notable Investors: Pritzker Group Venture Capital, Arch Venture Partners, MATH Venture Partners, Jump Capital, Hyde Park Venture Partners
- Research Centers and Universities: Northwestern University, University of Chicago, University of Illinois Urbana-Champaign, Illinois Institute of Technology, Argonne National Laboratory, Fermi National Accelerator Laboratory
