Managed Compliance & Continuous Assurance Practice Lead
Worldwide
Managed Compliance & Continuous Assurance Lead Senior GRC Operations, Audit Readiness and Evidence Management Advisory We are seeking an senior compliance and GRC operations leader to run end-to-end Managed Compliance & Continuous Assurance services for fast-growing SaaS, healthtech, fintech, digital-health and regulated organisations. This is not a basic compliance support or policy-writing role. We are looking for a senior operator who understands compliance as an ongoing operating system; not a one-off certification project. The successful candidate will help clients remain audit-ready, customer-ready, board-ready and regulator-ready month after month, by operating their control environment, managing evidence, tracking remediation and maintaining governance discipline. The Opportunity You will lead recurring managed compliance services covering: ISO 27001 surveillance and recertification readiness. SOC 2 Type II evidence-period support. Essential Eight posture monitoring. Privacy and APP compliance operations. GRC platform administration. Continuous control monitoring. Evidence collection and quality review. Audit query and remediation support. Executive and board compliance reporting. Customer assurance pack maintenance. The objective is to keep compliance sustainable, practical and continuously defensible. Key Responsibilities You will own the complete managed-service lifecycle, including: Transitioning clients from certification project mode into managed compliance operations. Reviewing existing controls, evidence sources, risk registers, policies and audit findings. Establishing 30/60/90-day stabilisation plans. Running monthly and quarterly compliance cadences. Managing evidence calendars, control testing and owner follow-up. Monitoring compliance drift, exceptions and overdue remediation. Maintaining risk registers, control registers and audit-readiness trackers. Producing monthly compliance reports, quarterly assurance packs and board-ready summaries. Supporting ISO surveillance audits, SOC 2 Type II evidence periods and customer security reviews. You must be able to distinguish between controls that are documented, controls that operate inconsistently and controls that are genuinely audit-ready. GRC Platform & Evidence Capability Hands-on GRC platform experience is central to this role. Relevant platforms include Vanta, Drata, Sprinto, Thoropass, OneTrust, AuditBoard, Secureframe, Hyperproof, ServiceNow GRC and similar compliance automation tools. You should be confident operating: Framework and control mapping. Evidence automation. Cloud, identity, HRIS, ticketing and CI/CD integrations. Policy attestation campaigns. Vendor-risk workflows. Auditor workspaces. Control dashboards. Exception and remediation workflows. Multi-framework evidence bases. Evidence must be timely, complete, traceable and defensible; not merely uploaded. Experience Required Applicants should demonstrate: 10+ years across GRC, information security, compliance, audit, assurance, cyber risk or managed services. 5+ years in senior client-facing compliance or GRC delivery. Experience operating recurring compliance services or managed assurance. Strong ISO 27001, SOC 2, Essential Eight and privacy operations experience. Hands-on GRC platform administration. Experience with evidence collection, control testing and remediation tracking. Experience working with auditors, certification bodies or CPA firms. Strong executive reporting and service-delivery discipline. Ability to lead independently without a senior above you. Experience in healthtech, medtech, digital health, fintech, payments, SaaS or regulated environments is strongly preferred. Preferred Certifications Relevant certifications may include ISO 27001 Lead Implementer, ISO 27001 Lead Auditor, CISA, CISM, CISSP, CRISC, CGEIT, CDPSE, CIPP, CIPM, CIPT, OCEG GRCP, cloud security certifications, ITIL or other audit, privacy, cyber and assurance credentials. We are seeking a trusted managed compliance operator who can maintain audit-quality evidence, keep controls operating, manage client cadence and make compliance sustainable beyond certification.
- More than 30 hrs/weekHourly
- 6+ monthsDuration
- ExpertExperience Level
$20.00
-
$100.00
Hourly- Remote Job
- Ongoing projectProject Type
Skills and Expertise
Activity on this job
- Proposals:15 to 20
- Last viewed by client:5 days ago
- Interviewing:0
- Invites sent:0
- Unanswered invites:0
About the client
- AUSMelbourne4:50 AM
- $2.6K total spent15 hires, 3 active
- 217 hours
Explore similar jobs on Upwork
How it works
Create your free profileHighlight your skills and experience, show your portfolio, and set your ideal pay rate.
Work the way you wantApply for jobs, create easy-to-by projects, or access exclusive opportunities that come to you.
Get paid securelyFrom contract to payment, we help you work safely and get paid securely.
About Upwork
- 4.9/5(Average rating of clients by professionals)
- G2 2021#1 freelance platform
- 49,000+Signed contract every week
- $2.3BFreelancers earned on Upwork in 2020
Find the best freelance jobs
Growing your career is as easy as creating a free profile and finding work like this that fits your skills.
Trusted by