Information Security – Compliance Program Manager

Information Security – Compliance Program Manager

5-7

Full-Time

Information Security – Compliance Program Manager

Experience:

5–10+ Years

Employment Type:

Full-time

Lumel is a fast-growing data analytics and enterprise performance management company helping global enterprises make better, faster decisions. As we scale, information security and compliance are foundational pillars of trust with our customers. We are investing in world‑class security certifications and looking for a senior compliance leader to build and run this program end‑to‑end.

This is a high‑visibility, career‑growth role – owning the security certification roadmap and shaping Lumel’s long‑term compliance strategy.

We are seeking a seasoned Information Security – Compliance Program Manager with strong Big4 / top‑tier consulting pedigree to spearhead Lumel’s global compliance initiatives. You will be the single point of contact (SPOC) for all security certifications and audits and will lead Lumel through SOC 2, ISO 27001, GDPR, HIPAA and future frameworks.

This is a hands‑on leadership role requiring deep domain expertise, strong vendor and auditor management skills, and the ability to independently drive certification programs from zero to audit‑ready.

• Own the end‑to‑end Information Security Compliance Program for Lumel.
• Lead and manage SOC 2 Type II, ISO 27001, GDPR, HIPAA and upcoming certification initiatives.
• Develop certification roadmaps, readiness assessments, risk registers, control matrices and compliance artifacts.
• Serve as primary liaison with external auditors, Big4 / certification bodies, and compliance vendors.
• Drive gap analysis, remediation plans, and continuous improvement programs.
• Coordinate across engineering, IT, legal, HR, product, and leadership to ensure controls are implemented and sustained.
• Establish internal security policies, procedures, governance frameworks and evidence‑collection processes.
• Conduct internal audits, control testing, vendor risk assessments and compliance training.
• Build audit‑ready documentation repositories and compliance dashboards.
• Track regulatory changes and proactively update Lumel’s compliance posture.
• Report compliance status, risks and audit outcomes to senior leadership.

• 5+ years of progressive experience in Information Security Compliance / GRC / Risk & Assurance.
• Prior experience with Big4 / Top‑tier consulting firms or equivalent large‑scale compliance environments.
• Proven track record leading SOC 2, ISO 27001, GDPR, HIPAA certifications end‑to‑end.
• Deep understanding of information security frameworks, audit methodologies, and control testing.
• Strong experience managing external auditors, vendors, and certification bodies.
• Excellent stakeholder management and executive communication skills.
• Highly organized, independent self‑starter with strong ownership mindset.

CISA, CISM, CRISC, CISSP, ISO 27001 Lead Implementer / Lead Auditor (any combination preferred).

• Be the founding leader of Lumel’s compliance function.
• High‑impact role with long‑term ownership of security certifications.
• Direct visibility with senior leadership.
• Strong growth trajectory as compliance will remain a strategic priority.
• Competitive compensation + long‑term career advancement.

This role is 100% onsite in the Dallas–Fort Worth (DFW) Area. No travel required.

If you are passionate about building world‑class security compliance programs and want to own Lumel’s trust foundation, we would love to hear from you.