Compliance & Security Manager

 About Veryon

Veryon is a leading aviation software and technology company serving 7,500+ customers in over 130 countries. We empower aviation teams to maximize uptime, efficiency, and safety through customer-driven innovation and world-class service. 

About the Role

As a Compliance & Security Manager, you will be critical in protecting Veryon’s products, data, and operations. You will enhance cybersecurity posture, lead compliance initiatives, manage customer trust requests, and partner with DevOps and Infrastructure teams to secure applications, cloud environments, and internal systems. 

You’ll champion security with best practices and scale governance as the company continues to grow globally. 

Key Responsibilities 

• Lead responses to RFPs, security questionnaires, and due diligence requests. 
• Coordinate internal and external security audits, assessments, and evidence collection. 
• Drive vulnerability management for applications and cloud infrastructure alongside DevOps. 
• Support secure DevOps practices, including CI/CD controls and dependency/security scanning. 
• Participate in incident response, on-call rotations, and escalations. 
• Maintain policies, standards, and procedures aligned with SOC 2, ISO 27001, and CIS frameworks. 
• Improve identity governance and implement zero trust across systems. 
• Provide IT governance support, including access reviews, onboarding/offboarding, and endpoint compliance. 
•  Maintain documentation, reporting, and training for security controls and compliance initiatives. 

Requirements

• 3+ years of experience in cybersecurity, DevSecOps, compliance, IT security operations, or IT audit. 
• Knowledge of security frameworks such as SOC 2, ISO 27001, CIS Controls, and NIST CSF. 
• Experience with vulnerability management, identity/security governance, monitoring, and endpoint protection. 
• Strong communication skills with attention to detail and clear documentation ability. 
• Ability to collaborate across engineering, sales, legal, and operations teams. 
• Comfortable participating in on-call rotations. 

Preferred Qualifications / Certifications 

• CompTIA Security+, CySA+, CISM, CISSP (or in progress). 
• ISO 27001 Lead Implementer or Auditor certifications. 
• Cloud security knowledge (AWS, Azure) and experience with DevOps tools. 
• Experience implementing automation for compliance or security workflows. 

Our Core Values: 

• Fueled by Customers: Customers are at the core of every decision. 
• Win Together: Collaboration is our competitive edge. 
• Make It Happen: No excuses. Just outcomes. 
• Innovate to Elevate: We boldly challenge what’s standard and lift what’s possible.