Managed Compliance & Continuous Assurance Practice Lead

Posted 4 weeks ago

Worldwide

Summary

Managed Compliance & Continuous Assurance Lead Senior GRC Operations, Audit Readiness and Evidence Management Advisory We are seeking an senior compliance and GRC operations leader to run end-to-end Managed Compliance & Continuous Assurance services for fast-growing SaaS, healthtech, fintech, digital-health and regulated organisations. This is not a basic compliance support or policy-writing role. We are looking for a senior operator who understands compliance as an ongoing operating system; not a one-off certification project. The successful candidate will help clients remain audit-ready, customer-ready, board-ready and regulator-ready month after month, by operating their control environment, managing evidence, tracking remediation and maintaining governance discipline. The Opportunity You will lead recurring managed compliance services covering: ISO 27001 surveillance and recertification readiness. SOC 2 Type II evidence-period support. Essential Eight posture monitoring. Privacy and APP compliance operations. GRC platform administration. Continuous control monitoring. Evidence collection and quality review. Audit query and remediation support. Executive and board compliance reporting. Customer assurance pack maintenance. The objective is to keep compliance sustainable, practical and continuously defensible. Key Responsibilities You will own the complete managed-service lifecycle, including: Transitioning clients from certification project mode into managed compliance operations. Reviewing existing controls, evidence sources, risk registers, policies and audit findings. Establishing 30/60/90-day stabilisation plans. Running monthly and quarterly compliance cadences. Managing evidence calendars, control testing and owner follow-up. Monitoring compliance drift, exceptions and overdue remediation. Maintaining risk registers, control registers and audit-readiness trackers. Producing monthly compliance reports, quarterly assurance packs and board-ready summaries. Supporting ISO surveillance audits, SOC 2 Type II evidence periods and customer security reviews. You must be able to distinguish between controls that are documented, controls that operate inconsistently and controls that are genuinely audit-ready. GRC Platform & Evidence Capability Hands-on GRC platform experience is central to this role. Relevant platforms include Vanta, Drata, Sprinto, Thoropass, OneTrust, AuditBoard, Secureframe, Hyperproof, ServiceNow GRC and similar compliance automation tools. You should be confident operating: Framework and control mapping. Evidence automation. Cloud, identity, HRIS, ticketing and CI/CD integrations. Policy attestation campaigns. Vendor-risk workflows. Auditor workspaces. Control dashboards. Exception and remediation workflows. Multi-framework evidence bases. Evidence must be timely, complete, traceable and defensible; not merely uploaded. Experience Required Applicants should demonstrate: 10+ years across GRC, information security, compliance, audit, assurance, cyber risk or managed services. 5+ years in senior client-facing compliance or GRC delivery. Experience operating recurring compliance services or managed assurance. Strong ISO 27001, SOC 2, Essential Eight and privacy operations experience. Hands-on GRC platform administration. Experience with evidence collection, control testing and remediation tracking. Experience working with auditors, certification bodies or CPA firms. Strong executive reporting and service-delivery discipline. Ability to lead independently without a senior above you. Experience in healthtech, medtech, digital health, fintech, payments, SaaS or regulated environments is strongly preferred. Preferred Certifications Relevant certifications may include ISO 27001 Lead Implementer, ISO 27001 Lead Auditor, CISA, CISM, CISSP, CRISC, CGEIT, CDPSE, CIPP, CIPM, CIPT, OCEG GRCP, cloud security certifications, ITIL or other audit, privacy, cyber and assurance credentials. We are seeking a trusted managed compliance operator who can maintain audit-quality evidence, keep controls operating, manage client cadence and make compliance sustainable beyond certification.

  • More than 30 hrs/week
    Hourly
  • 6+ months
    Duration
  • Expert
    Experience Level
  • $20.00

    -

    $100.00

    Hourly
  • Remote Job
  • Ongoing project
    Project Type
Skills and Expertise
Mandatory skills
Agile Project Management
Activity on this job
  • Proposals:15 to 20
  • Last viewed by client:5 days ago
  • Interviewing:
    0
  • Invites sent:
    0
  • Unanswered invites:
    0
About the client
Member since Jan 27, 2025
  • AUS
    Melbourne4:50 AM
  • $2.6K total spent
    15 hires, 3 active
  • 217 hours

Explore similar jobs on Upwork

Graphic design and assistanceHourly‐ Posted 4 weeks ago
Covers & Packaging
Design & Usability Research
Management Skills
Environment
Usability Testing
Graphic Design
Content Creation
Logo Design
Project Management
Brand Design
Transcript
Translation
Swedish
Photography
Project Management
Administrative Support
Project Scheduling
Problem Resolution
Project Delivery
Vendor Management

How it works

  • Post a job icon
    Create your free profile
    Highlight your skills and experience, show your portfolio, and set your ideal pay rate.
  • Talent comes to you icon
    Work the way you want
    Apply for jobs, create easy-to-by projects, or access exclusive opportunities that come to you.
  • Payment simplified icon
    Get paid securely
    From contract to payment, we help you work safely and get paid securely.
Want to get started? Create a profile

About Upwork

  • Rating is 4.9 out of 5.
    4.9/5
    (Average rating of clients by professionals)
  • G2 2021
    #1 freelance platform
  • 49,000+
    Signed contract every week
  • $2.3B
    Freelancers earned on Upwork in 2020

Find the best freelance jobs

Growing your career is as easy as creating a free profile and finding work like this that fits your skills.

Trusted by

  • Microsoft Logo
  • Airbnb Logo
  • Bissell Logo
  • GoDaddy Logo