Security Compliance Manager

at  CV Partner

ABOUT CV PARTNER

CV Partner is the Nordic proposal automation leader, simplifying new business acquisition through streamlined public tenders, bids, and proposals. Our SaaS tool, present in 35+ countries, automates CV, resume, and case study customization, halving proposal preparation time.
Trusted by industry leaders like PwC and DLA Piper, CV Partner, founded in 2012, received strategic investment in 2023, accelerating global expansion. Headquartered in Oslo, with offices in London, Stockholm, Copenhagen, and Toronto.

QUALIFICATIONS

• Solid understanding of ISMS, and especially ISO 27001 and SOC 2.
• Established experience in data protection, maintaining data protection policy, and managing data processing activities
• Strong communication and negotiation skills with clients, legal teams, and other stakeholders, such as engineering, customer success, sales etc.
• Experience within sales support, particularly in addressing security-related inquiries and advising sales teams
• Proven ability to develop training programs and awareness campaigns
• Knowledge about hiring processes and ensuring compliance in this area
• Excellent communication skills. Must be comfortable delivering complex legal-related content in an understandable and actionable manner.
• BSc/BA in law, finance, business administration or a related field. An advanced degree would be a plus.
• Certified compliance professional is a plus. Having a compliance certification (such as the Certified Compliance & Ethics Professional, or equivalent) is highly desirable.

• Regularly carrying out internal audits to maintain compliance and tackle non-compliance issues. This process involves an in-depth examination of our operations, staff interviews, and suggesting areas for enhancement.
• Maintaining and enhancing our information security management systems, including performing annual audits of ISO 27001 and SOC 2.
• Crafting, deploying, and overseeing effective policy and procedure documents. This includes drafting clear, concise policies, guidelines, and procedures that align with legal requirements and cater to business needs.
• Continually evaluating the efficiency of the ISMS and suggesting impactful improvements. This involves monitoring and testing controls and implementing necessary corrective actions to enhance their effectiveness.
• Examining and assessing company procedures and reports to pinpoint hidden risks or recurrent issues. This involves performing risk assessments, dissecting reports, and identifying potential compliance vulnerabilities and risks.
• Collaborating with various department managers to review all departmental compliance policies. This includes working alongside the management team to ensure every area of the company aligns with all relevant laws and regulations. Finding the best way for us to meet these requirements, without compromising the user experience, is a key challenge.