Compliance Manager

About Our Company

ChampSoft is a values-driven, engineering-first custom software development company delivering secure, scalable, enterprise-grade solutions across web, mobile, cloud, and AI-augmented platforms. We operate under ISO 9001 quality standards and align our engineering practices with SOC 2 Type II and HIPAA compliance requirements.

With over 100 years of combined engineering experience, we partner with clients across healthcare, finance, retail, logistics, and other regulated industries to build mission-critical systems designed for long-term success. Our team is driven by engineering excellence, transparency, and a deep commitment to our clients’ outcomes. We take a collaborative, values-led approach—combining rigorous software craftsmanship with responsible, AI-augmented development practices.

Role Summary

The Compliance & Information Security Manager is responsible for leading and operationalizing ChampSoft’s multi-framework compliance program, ensuring continuous alignment with SOC 2 Type II, HIPAA, ISO 9001, and upcoming ISO 42001 certifications, while proactively embedding compliance into all current and future client projects.

Key Responsibilities

- Develop, Implement, and Continuously Improve Multi-Framework Compliance Programs. - Manage SOC 2 Type II and HIPAA Compliance via Secureframe. - Lead ISO 42001 Certification Initiatives. - Lead Ongoing Security Awareness Programs Including Phishing Simulations, Social Engineering Defense Training, and Threat Response Education. - Conduct Enterprise Risk Assessments and Maintain Risk Registers. - Review New and Existing Client Projects for Compliance Alignment. - Embed Security Controls into SDLC and Project Governance Processes. - Coordinate External Audits and Maintain Audit-Ready Documentation. - Develop and Deliver Recurring Security and Compliance Training. - Monitor Emerging Security Threats and Recommend Control Enhancements. - Maintain Cross-Standard Control Harmonization to Avoid Duplication.

Minimum Qualifications

- 5+ Years of Experience in Compliance, GRC, or Information Security Management. - Direct Experience Managing SOC 2 Type II, ISO 9001, and HIPAA Compliance Programs. - Hands-On Experience with Secureframe or a Similar Platform - Strong Risk Assessment and Internal Audit Background. - Experience Working with Engineering Teams on Secure SDLC Integration. - Excellent Documentation and Structured Communication Skills.

Must-Have Skills

- SOC 2 Type II Compliance Management - HIPAA Regulatory Compliance - Experience Managing ISO 9001 Quality Management Systems and Coordinating External Audits - Familiarity with compliance automation platforms such as Secureframe, Vanta, Drata, or Sprinto - Risk Assessment & Risk Register Management - Internal & External Audit Coordination - Security Control Implementation in SDLC - Policy Development & Documentation Management - Cross-Framework Control Mapping - Staff Compliance Training Delivery

Why Champsoft?

1. Competitive Salary & Benefits. 2. Career Development & Training Opportunities. 3. Hybrid Work Module. 4. Annual Health Check-ups. 5. Paid Leaves + Public Holidays. 6. AI-First Culture: ChampSoft embraces an AI-driven mindset across every function, giving you the opportunity to learn and apply AI-based strategies, automation, and analytics. 7. Opportunity to Innovate: Join a fast-growing environment where experimentation, creativity, and data-driven decision-making are encouraged. 8. Collaborative, Cross-Functional Culture: Work closely with product, engineering, sales, and healthcare domain experts who promote shared learning and teamwork