Senior Information Security Officer

The Role We are seeking a Senior Information Security Officer to be a key pillar of our Global GRC function. This is not just a support role; you will be the lead architect for Information Security and Compliance by Design across our most critical global projects. You will provide expert oversight for our Internal Control System (ICS) and drive the execution of Statutory and Group audits (SOX). This role is designed for a high-performing, self-motivated professional who thrives in a virtual environment and can independently navigate complex global stakeholders. Key Responsibilities - Global Project Leadership: Lead and manage critical global compliance projects, ensuring security requirements are integrated into the project lifecycle from inception to deployment. - Compliance by Design: Act as a senior advisor to product and engineering teams to implement "Compliance by Design" principles, ensuring new systems and software are natively compliant with SOX, ISO 27001, SOC1/2 and NIST frameworks. - Internal Control System (ICS): Autonomously design, implement, and monitor a robust ICS framework. You will be responsible for the health and effectiveness of controls across the US and Global hubs. - SOX & Statutory Audits: Lead the testing, validation, and documentation of IT General Controls (ITGCs). Serve as the primary point of contact for external and internal auditors, managing the end-to-end audit lifecycle. - Risk Governance: Independently conduct deep-dive risk assessments for high-priority global initiatives, identifying vulnerabilities and negotiating remediation strategies with senior leadership. Candidate Profile: Self-Management & Strategic Drive As a virtual-first leader, you must demonstrate: - Independence & Ownership: A proven ability to work without day-to-day supervision, taking full accountability for regional and global compliance outcomes. - Self-Motivation: A "self-starter" mentality capable of driving complex projects to completion within Solera’s high-pace "365-day" cycle. - Strategic Influence: The ability to negotiate security and compliance requirements with global stakeholders, including Legal, Finance, and C-Suite leadership. - Exceptional Communication: Mastery of English (written/verbal) to lead global meetings and produce executive-level audit reports. Requirements - Experience: 8+ years in Information Security/GRC, with a heavy focus on IT Audit and SOX compliance in a global, multi-national environment. - Technical Mastery: In-depth knowledge of ITGCs, SOC1/2, ISO 27001, and the ability to apply these to "Secure SDLC" and "Compliance by Design" workflows. - Education: Bachelor’s or Master’s degree in Cybersecurity, Information Systems, or a related field. - Certifications: CISA (Certified Information Systems Auditor) is highly preferred. CISSP, CISM, or CRISC are significant advantages. - Virtual Fluency: Success in a 100% remote role, with the discipline to manage early/late sessions to bridge the EMEA/US timezone gap. - Language: Professional fluency in English (written and verbal) is mandatory for supporting US and EMEA stakeholders.