About us:

Penlink is a global leader in digital intelligence solutions. Our advanced technologies simplify complex data, empowering public safety organizations to make informed decisions quickly and effectively. We believe in the power of data-driven intelligence to accelerate clarity in decision-making for global security, strategic operations, and the most critical missions. Headquartered in the US with offices worldwide.

Job Description:

The Security Compliance/GRC Officer will work under the Security Compliance Manager and play a key role in supporting the company’s compliance and governance efforts. This role will work closely with the Security, IT, Legal, and Operations teams to strengthen the organization’s compliance posture, support certification processes (such as SOC 2, ISO 27001, and GDPR), and promote a culture of security and accountability across the business. The Compliance Coordinator will be responsible for maintaining documentation, coordinating audits, and ensuring adherence to regulatory and industry standards critical to SaaS operations.

Key Responsibilities:

• Support the design, implementation, and ongoing maintenance of compliance programs aligned with industry frameworks (e.g., SOC 2, ISO 27001, GDPR).
• Coordinate internal and external audits, including evidence collection, documentation, and tracking of remediation active sites.
• Monitor industry and regulatory changes to ensure company practices remain compliant and up-to-date.
• Maintain and update compliance documentation, policies, procedures, and certifications to ensure audit readiness.
• Assist in vendor risk management, including due diligence, third-party compliance reviews, and periodic access rights reviews.
• Contribute to RFI/RFP responses by providing accurate compliance-related information.
• Support and deliver compliance training programs to promote awareness of security, privacy, and regulatory obligations across the organization.
• Partner with cross-functional teams (Engineering, IT, Legal, HR, Operations, and Sales) to embed compliance requirements into business operations.
• Track, analyze, and report on compliance activities, risks, and key performance indicators.
• Provide support on ad-hoc GRC projects as needed.

• 3+ years of experience in compliance, audit, information security, or risk management within a SaaS environment.
• Proven hands-on experience supporting audits and certfication processes, with strong knowledge of regulatory frameworks such as SOC 2, ISO 27001, and GDPR.
• Experience managing compliance frameworks using a GRC platform.
• Excellent written and verbal communication skills in English, with strong interpersonal abilities for cross-functional collaboration.
• Exceptional organizational and documentational skills, with keen attention to detail.
• Strong analytical, problem-solving, and critical-thinking skills.
• Strong knowledge managing CIS compliance

Preferred Qualifications

• Familiarity with data privacy laws (GDPR, CCPA) and cloud security practices.
• Knowledge of security risk management frameworks (NIST, CIS Controls) - Advantage