Compliance Specialist

XM Cyber is a global leader in hybrid cloud security. XM Cyber brings a new approach that uses the attacker’s perspective to find and remediate critical attack paths across on-premises and multi-cloud networks. The XM Cyber platform enables companies to rapidly prioritize and respond to cyber risks affecting their business-sensitive systems.

We are seeking a Compliance Specialist to join our team. This role is critical in managing and responding to customer questionnaires and compliance inquiries, ensuring that all data handling and business practices meet stringent standards. The ideal candidate will have prior experience in compliance, particularly in SaaS companies, and be familiar with relevant regulations and business processes.

Responsibilities

Assist in evaluating and tracking new or updated industry regulations (SOC2, ISO27001, GDPR, BSI, AI EU Act, etc.).
Support the development and maintenance of security and privacy documentation.
Help prepare compliance-related reports, presentations, and documentation.
Conduct security and privacy assessments with prospects, customers, partners, and suppliers, ensuring timely and accurate replies that uphold our company's compliance standards.
Providing regular responses to prospects, customers, partners, and suppliers' complaints related concerns.
Assist in mapping compliance framework controls.
Keep detailed records of all compliance activities and communications to ensure transparency and accountability.
Assist in preparing for and supporting internal and external compliance audits.
Help track and manage compliance-related action items and remediation efforts.
Work closely with various departments to gather the necessary information to accurately respond to external compliance queries.

Requirements:

Proven experience in compliance, particularly in the SaaS industry.
Familiarity with compliance frameworks (SOC2, ISO27001, GDPR) and regulatory requirements.
Strong understanding of basic information security and privacy concepts.
A basic understanding of privacy laws and regulations, including the General Data Protection Regulation (GDPR).
Excellent organizational and documentation skills.
Excellent communication skills, with proficiency in drafting clear and concise responses.
Ability to work collaboratively in a team environment.