Compliance Manager

About Our Company

ChampSoft is a values-driven, engineering-first custom software development company delivering secure, scalable, enterprise-grade solutions across web, mobile, cloud, and AI-augmented platforms. We operate under ISO 9001 quality standards and align our engineering practices with SOC 2 Type II and HIPAA compliance requirements.

With over 100 years of combined engineering experience, we partner with clients across healthcare, finance, retail, logistics, and other regulated industries to build mission-critical systems designed for long-term success. Our team is driven by engineering excellence, transparency, and a deep commitment to our clients outcomes. We take a collaborative, values-led approachcombining rigorous software craftsmanship with responsible, AI-augmented development practices.

Role Summary

The Compliance & Information Security Manager is responsible for leading and operationalizing ChampSofts multi-framework compliance program, ensuring continuous alignment with SOC 2 Type II, HIPAA, ISO 9001, and upcoming ISO 42001 certifications, while proactively embedding compliance into all current and future client projects.

Key Responsibilities

• Develop, Implement, and Continuously Improve Multi-Framework Compliance Programs.
• Manage SOC 2 Type II and HIPAA Compliance via Secureframe.
• Lead ISO 42001 Certification Initiatives.
• Lead Ongoing Security Awareness Programs Including Phishing Simulations, Social Engineering Defense Training, and Threat Response Education.
• Conduct Enterprise Risk Assessments and Maintain Risk Registers.
• Review New and Existing Client Projects for Compliance Alignment.
• Embed Security Controls into SDLC and Project Governance Processes.
• Coordinate External Audits and Maintain Audit-Ready Documentation.
• Develop and Deliver Recurring Security and Compliance Training.
• Monitor Emerging Security Threats and Recommend Control Enhancements.
• Maintain Cross-Standard Control Harmonization to Avoid Duplication.

Minimum Qualifications

• 5+ Years of Experience in Compliance, GRC, or Information Security Management.
• Direct Experience Managing SOC 2 Type II, ISO 9001, and HIPAA Compliance Programs.
• Hands-On Experience with Secureframe or a Similar Platform
• Strong Risk Assessment and Internal Audit Background.
• Experience Working with Engineering Teams on Secure SDLC Integration.
• Excellent Documentation and Structured Communication Skills.

Must-Have Skills

• SOC 2 Type II Compliance Management
• HIPAA Regulatory Compliance
• Experience Managing ISO 9001 Quality Management Systems and Coordinating External Audits
• Familiarity with compliance automation platforms such as Secureframe, Vanta, Drata, or Sprinto
• Risk Assessment & Risk Register Management
• Internal & External Audit Coordination
• Security Control Implementation in SDLC
• Policy Development & Documentation Management
• Cross-Framework Control Mapping
• Staff Compliance Training Delivery

Why Champsoft?

1. Competitive Salary & Benefits.
2. Career Development & Training Opportunities.
3. Hybrid Work Module.
4. Annual Health Check-ups.
5. Paid Leaves + Public Holidays.
6. AI-First Culture: ChampSoft embraces an AI-driven mindset across every function, giving you the opportunity to learn and apply AI-based strategies, automation, and analytics.
7. Opportunity to Innovate: Join a fast-growing environment where experimentation, creativity, and data-driven decision-making are encouraged.
8. Collaborative, Cross-Functional Culture: Work closely with product, engineering, sales, and healthcare domain experts who promote shared learning and teamwork