Security Compliance Officer

About us:

Penlink is a global leader in digital intelligence solutions. Our advanced technologies simplify complex data, empowering public safety organizations to make informed decisions quickly and effectively. We believe in the power of data-driven intelligence to accelerate clarity in decision-making for global security, strategic operations, and the most critical missions. Headquartered in the US with offices worldwide.

Job Description:

The Security Compliance/GRC Officer will work under the Security Compliance Manager and play a key role in supporting the company’s compliance and governance efforts. This role will work closely with the Security, IT, Legal, and Operations teams to strengthen the organization’s compliance posture, support certification processes (such as SOC 2, ISO 27001, and GDPR), and promote a culture of security and accountability across the business. The Compliance Coordinator will be responsible for maintaining documentation, coordinating audits, and ensuring adherence to regulatory and industry standards critical to SaaS operations.

Key Responsibilities:

• Support the design, implementation and maintenance of compliance programs aligned with frameworks such as SOC 2, ISO 27001 and GDPR.
• Coordinate internal and external audits, including evidence collection, document preparation, and follow-up on remediation actions.
• Monitor industry and regulatory changes to ensure organizational practices remain up to date.
• Maintain compliance documentation, policies, procedures and certifications for audit readiness.
• Assist in vendor risk management, including due diligence and third-party compliance reviews.
• Assist with periodical access rights reviews and any other GRC related project(s)
• Support compliance training programs to raise awareness of security, privacy, and regulatory obligations.
• Partner with cross-functional teams (Engineering, IT, Legal, HR, and Operations) to ensure compliance requirements are integrated into daily practices.
• Track and report on compliance activities, risks, and key performance indicators.
  
  

• 3 years of experience in compliance, audit, information security, or risk management in a Saas Company.
• Hands-on experience supporting audits and certification processes with a strong understanding of SaaS business operations and regulatory frameworks, including SOC 2, ISO 27001, and GDPR.
• Experience with managing compliance or GRC platforms.
• English – proficiency
• Excellent organizational and documentation skills with keen attention to detail.
• Interpersonal communication skills for cross-functional collaboration.
• Strong analytical, problem-solving, and critical-thinking skills.
  
  

• Familiarity with data privacy laws (GDPR, CCPA) and cloud security practices.
• Knowledge of security risk management frameworks (NIST, CIS Controls) - Advantage