Information Security & Compliance Manager

Information Security & Compliance Manager

Applied

AI is a pioneering AI technology company headquartered in Abu Dhabi, committed to innovation and excellence in artificial intelligence solutions across regulated industries such as healthcare, insurance, government, and financial services.

We are seeking an Information Security & Compliance Manager to support our governance, risk, and compliance activities across multiple frameworks, certifications, and client requirements. This role will manage day-to-day compliance operations, respond to customer assurance requests, assist with investor due diligence enquiries, and help maintain the company’s security posture as we scale.

You will work closely with Engineering, IT, Product, Legal, and People teams to ensure controls are implemented, evidence is maintained, and audits run smoothly. This role is hands‑on, detail‑driven, and suited to someone with a strong foundation in audit, risk, or security compliance.

• Support delivery and ongoing maintenance of compliance frameworks including SOC 2 Type 3, SOC 3, ISO 27001 and 42001, NIST CSF, HIPAA/HITRUST, GDPR, CSA STAR, and others as required.
• Maintain the ISMS, AIMS, risk register, policies, controls, audit evidence, and compliance documentation.
• Coordinate internal and external audits, including evidence gathering, remediation tracking, and readiness assessments.
• Monitor compliance with regulatory requirements and internal policy standards.
• Collaborate with Engineering, IT, and Product teams to ensure controls are embedded in operational processes and system designs.

• Manage and respond to customer security questionnaires, DDQs, vendor security assessments, and RFP security sections.
• Prepare and maintain trust documentation, security overviews, compliance packs, and attestations.
• Support enterprise customers during pre‑sales and renewal cycles, ensuring consistent communication of our security posture.

• Coordinate continuous compliance activities across all Applied
  
  AI certifications.
• Own audit preparation, evidence collection, corrective action plans, and audit follow‑through.
• Manage relationships with auditors, external assessors, and penetration testing vendors.
• Maintain compliance tooling (Vanta and internal GRC platforms) and ensure data accuracy.

• Partner with engineering/IT on vulnerability management, access reviews, and control testing.
• Track remediation items and follow up on security tasks across the organization.
• Support incident response with documentation, evidence, and compliance alignment where needed.

• Participate in security awareness initiatives, training content, and internal communications.
• Identify opportunities for automation and process improvement across compliance workflows.
• Contribute to maturing the organization’s overall governance and risk posture.

Required

• 4–7 years’ experience in security compliance, audit, risk, or GRC, ideally within a technology‑driven or regulated environment.
• Hands‑on exposure to SOC 2, ISO 27001, and related security or privacy frameworks (e.g., GDPR, NIST).
• Demonstrated experience supporting internal and external audits, including evidence collection, walkthroughs, remediation tracking, and control testing.
• Strong communication and documentation skills, with the ability to translate technical requirements into clear business guidance.
• Familiarity with broader regulatory and security standards such as HIPAA, HITRUST, CSA STAR, or Cyber Essentials.
• Comfortable working cross‑functionally with Engineering, IT, Legal, People, and Operations teams.

Preferred

• Professional certifications: CISA, CISSP, CISM, CRISC, ISO 27001 Lead Auditor/Implementer.
• Experience with GRC automation tools such as Vanta, Drata, Tugboat, Secureframe, or similar.
• Understanding of third‑party risk management and supplier assurance.
• Exposure to incident response or operational security practices.
• Background in audit, controls testing, or risk advisory (e.g., Big
  4).
• Knowledge of cloud security concepts (AWS, Azure, GCP).
• Opportunity to work with a leading AI technology company.
• Collaborative and innovative work environment.
• Growing, entrepreneurial and forward‑thinking culture.
• Career growth and professional development opportunities.
• Exposure to a thriving ecosystem working from our Abu Dhabi HQ.
• 21 days of paid annual leave.
• Visa sponsorship for international candidates.

Mid‑Senior level

Full‑time

Information Technology

IT Services and IT Consulting

Referrals increase your chances of interviewing at Applied

AI by 2x