Apply on Employer Site

BEMO · 1 day ago

Compliance Manager I

Redmond, WA

Full-time

Onsite

Senior Level

$131K/yr - $131K/yr

5+ years exp

BEMO is focused on maintaining compliance with leading security and privacy frameworks. The Compliance Manager I will lead compliance renewals, manage auditor relationships, and ensure that customer environments align with BEMO's compliance standards while driving improvements in internal processes.

Cyber SecuritySaaSSmall and Medium BusinessesSoftware

Responsibilities

Lead all BEMO and customer compliance renewals across frameworks (SOC 2, ISO 27001, HIPAA, CMMC 2.0, ISO 42001)

Own monthly compliance maintenance tasks ensuring readiness for internal and customer audits

Develop, maintain, and update all compliance-related documentation, including procedures, playbooks, and training content

Manage auditor relationships, prepare evidence, coordinate responses, and lead walkthroughs

Plan and lead annual certification projects and tabletop exercises to validate operational and security resilience

Automate compliance processes via AI Agents and other means of tracking within BEMO applications and reporting

Lead Managed Services and project compliance efforts, ensuring customer environments align with BEMO’s compliance standards

Facilitate tabletop exercises, audits, and assessments for customers to ensure alignment with regulatory requirements

Collaborate with internal project managers, engineering, and leadership to ensure compliance deliverables are integrated into project lifecycles

Critique and improve compliance processes, identifying opportunities for simplification, automation, and improved documentation

Drive organizational change management initiatives to successfully land new compliance processes

Support and sales and project teams in customer-facing compliance discussions documentation requests

Contribute to proposal reviews, questionnaires, and customer assessments involving compliance or security obligations

Build trust and act as a subject matter expert for internal and external stakeholders

Qualification

Compliance frameworksData analyticsProject managementSOC 2ISO 27001HIPAACMMC 2.0Technical literacyChange managementProcess improvementAudit managementMicrosoft security stackCompliance automation toolsCommunication skillsOrganizational skills

Required

Bachelor's degree in Business, Information Security, IT Management, or related field (or equivalent experience)

5+ years of experience in compliance, audit management, or information security programs

Proven track record managing SOC 2, ISO 27001, HIPAA, or CMMC certifications or renewals

Deep understanding of compliance frameworks and control implementation

Must have lead programmatic change in compliance

Must have hands-on advanced data analytics and process improvement knowledge and experience

Must have a vision for how to stand up a compliance organization from scratch that services internal functions and Customers

Must have deep knowledge of the Microsoft security stack (Purview, Entra, Defender) so that they can converse internally and with customers on policy implementations

Must have familiarity with the audit processes and have led audits

Strong project management and organizational skills —able to manage multiple concurrent audits or projects

Excellent written and verbal communication skills for internal and external audiences

Ability to analyze, automate, document, and improve processes across multiple teams

Strong technical literacy to communicate with IT, Security, and Engineering stakeholders