IT & Information Security Compliance Manager
Are you ready to shape the future of authentication? Join 1Kosmos and help lead the next wave in identity assurance and passwordless innovation.
1Kosmos is driving the future of identity security, empowering organizations to eliminate passwords and establish trust at every step of the identity lifecycle. As a vibrant team of innovators, we develop advanced authentication solutions trusted by some of the world's leading brands. Join us as we create a passwordless world and set new standards for digital identity assurance.
We are seeking an IT & Information Security Compliance Manager to own and strengthen our company's security and compliance posture across frameworks such as SOC 2, ISO 27001, FedRAMP High, and NIST.
This is a hands-on operational leadership role (not a CISO), focused on ensuring audit readiness, control implementation, IT governance, and continuous improvement of our security programs. The ideal candidate will combine a strong understanding of infrastructure and security controls with experience automating compliance workflows using tools like Drata or Vanta.
Requirements
Key Responsibilities
- Lead and maintain enterprise security and compliance programs aligned with SOC 2, ISO 27001/27002, FedRAMP High, and NIST 800-53/171 frameworks.
- Build and manage automated compliance monitoring and evidence collection through Drata, Vanta, or equivalent platforms; integrate these with internal systems (ticketing, HRIS, cloud providers, etc.).
- Prepare for and manage SOC 2 Type I/II, ISO audits, and FedRAMP readiness assessments: gap analysis, documentation, remediation, and control testing.
- Partner with IT Operations and Engineering to ensure security controls are embedded in infrastructure, cloud, network, and identity systems.
- Maintain and update security policies, SSPs, POA&Ms, and other audit documentation.
- Oversee incident response, change management, and vendor risk programs to ensure consistent compliance coverage.
- Manage relationships with external auditors and compliance assessors.
- Define and track metrics for audit readiness, risk posture, and compliance automation efficiency.
- Stay current with evolving compliance frameworks and technologies that can improve assurance automation.
- Champion security awareness, training, and continuous improvement across the organization.
Qualifications
Must-Have
- 6+ years of experience in IT security, compliance, or risk management within a SaaS or regulated technology environment.
- Proven experience managing SOC 2 and ISO 27001 programs end-to-end; exposure to FedRAMP High or NIST 800-53 is a plus.
- Hands-on use and administration of Drata, Vanta, Tugboat Logic, or equivalent compliance automation platforms.
- Familiarity with AWS/Azure/GCP cloud environments, identity & access management, and IT operations.
- Strong technical understanding of security controls: network, endpoint, access, configuration management, logging/monitoring, vulnerability management.
- Excellent documentation and communication skills, with the ability to translate control requirements into clear operational actions.
- Experience leading internal or external audits and managing evidence collection efficiently.
- Based in (or willing to relocate to) Edison, NJ and work on-site with our leadership and operations teams.
Preferred
- Certifications such as CISSP, CISM, CISA, ISO 27001 Lead Implementer/Auditor, or FedRAMP Practitioner.
- Experience managing or improving IT operations processes with a compliance lens.
- Familiarity with compliance automation APIs or integration scripting is a bonus.
Benefits
- Comprehensive health, dental, and vision coverage
- 401(k)
- Paid time off
- Professional development budget
- Certification reimbursement
