Acting CISO / Compliance Program Manager

Posted 3 days ago

Worldwide

Summary

We are a seven-person, fully remote SaaS company building AI-powered tools to support analysis and research. Customers include universities, central banks, research institutes, and hedge funds in the US and EU. Our ISO 27001:2022 Stage 1 and Stage 2 audits are complete, with no nonconformities; ISO is now in maintenance. We are also completing our SOC 2 Type II program, using Sprinto as our GRC platform and Prescient Assurance as our auditor.

Our Information Security Officer is taking parental leave beginning mid-July 2026, so we need an experienced compliance contractor to start soon, overlap for handoff, and serve as acting CISO through mid-November 2026. The engagement is about 10-15 hours/week, remote, async-friendly, and part-time.

This is a *coordination and governance* role, not a hands-on engineering role. Our control framework is established and running; we are not looking for someone to build or redesign controls. Our Lead Engineer owns technical controls, infrastructure, and technical evidence. The acting CISO (you) will own the compliance program, auditor communication, governance evidence, and decision-making authority on escalated compliance issues.

The primary near-term milestone is the SOC 2 Type II observation window, which closes August 15, 2026, followed by post-window fieldwork and review with Prescient Assurance. You will monitor Sprinto for alerts and evidence gaps; triage to the Lead Engineer; serve as Prescient point of contact; own governance/process evidence; respond to auditor questions; coordinate compliance-side sign-off; and track the final report.

You will also manage the ongoing compliance program in Sprinto, oversee vendor and sub-processor review, respond to customer security questionnaires, HECVAT submissions, and enterprise due diligence requests, handle data subject requests within GDPR/UK GDPR timelines, and serve as approving signatory for necessary ISMS policy amendments. For high or critical incidents, you will coordinate with the Lead Engineer and outside counsel and manage GDPR breach notification obligations if required.

We are looking for *demonstrated experience in information security compliance*, ideally as a CISO, vCISO, or compliance program manager; familiarity with SOC 2 audit processes, with SOC 2 Type II preferred; familiarity with ISO 27001 maintenance; experience with Sprinto or similar GRC platforms; working knowledge of GDPR operational requirements; strong written communication; and independent judgment in a small, async remote team. Enterprise security questionnaires and AI/SaaS privacy considerations are a plus.

  • Hourly: Less than 30 hrs/week
  • Duration: 3-6 months
  • Experience Level: Expert
  • Hourly: $30.00 - $130.00
  • Remote Job
  • Project Type: Ongoing project

Contract-to-hire opportunity

This lets talent know that this job could become full time.
Skills and Expertise
Mandatory skills
ISO 27001
SOC 2
Project Management
Activity on this job
  • Proposals: 50+
  • Last viewed by client: yesterday
  • Interviewing: 6
  • Invites sent: 7
  • Unanswered invites: 2
About the client
Member since Mar 28, 2009
  • United States, Evanston 3:57 PM
  • $112K total spent; 167 hires, 15 active
  • 2,500 hours
