Information Security and Compliance Manager

Information Security and Compliance Manager

Opportunity

We are a leading software development company specializing in voice AI technology for the automotive industry. Our solutions power next-generation in-vehicle voice experiences for major automotive brands. We seek a Security and Compliance Manager to lead our efforts in protecting our infrastructure, applications, and customers, ensuring compliance with industry standards.

Responsibilities

1. Implement and oversee security controls with global teams.
2. Maintain and evolve our ISMS aligned with frameworks like ISO 27001/17, TISAX, CIS, and NIST.
3. Manage security projects and programs.
4. Conduct and manage internal/external penetration tests and vulnerability scans.
5. Coordinate responses to customer security assessments, RFPs, RFQs, and due diligence questionnaires.
6. Oversee compliance controls and governance tools.
7. Collaborate with IT, help desk, and software teams to ensure secure operations.
8. Report on compliance status, risk assessments, audits, and remediation.
9. Monitor regulatory and industry standard changes and update controls accordingly.
10. Promote security awareness across the organization.

Requirements

• Bachelor's degree
• 5+ years in enterprise information security, risk, or compliance management within a tech-focused company.
• Strong understanding of security architecture and solutions.
• Experience with penetration testing, vulnerability assessments, incident response.
• Knowledge of ISO 27001/17, TISAX, CIS, NIST frameworks.
• Experience with IT infrastructure, service/help desk, and software development teams.
• Familiarity with Crowdstrike Falcon, vulnerability management tools, static code analysis, open source scanning.
• Analytical and critical thinking skills.
• Ability to plan, organize, and manage initiatives.
• Experience leading security audits and assessments.
• Excellent communication skills for documentation and reporting.

Preferred Qualifications

• Certifications like CISSP, CISM, CRISC, ISO 27001 Lead Implementer.
• Knowledge of application compliance frameworks like ISO 21434, UNECE WP.29.
• Experience with threat analysis, risk assessments (TARA).
• Experience with Atlassian Jira, Confluence, Azure security controls, GRC platforms, and compliance tools.

About Us

Cerence Inc. (Nasdaq: CRNC) is a leader in creating innovative automotive voice AI solutions, working with top automakers worldwide. With over 20 years of industry experience and more than 500 million cars equipped globally, we are shaping the future of connected and autonomous vehicles.