Information Security and Compliance Manager

Position Overview

• Location Type: Hybrid
• Job Type: Full time
• Salary: Not specified

Cerence, a leading software development company specializing in voice AI technology for the global automotive industry, is seeking a skilled Security and Compliance Manager. This role focuses on protecting the company’s infrastructure, applications, people, and customers while adhering to industry standards and best practices.

Requirements

• Education: Bachelor’s degree
• Experience: 5+ years of experience in enterprise information security and risk or compliance management within a software development or technology-focused company.
• Technical Skills:
  • Strong understanding of enterprise security architecture and security solution implementation.
  • Experience managing penetration testing, vulnerability assessments, and incident response planning.
  • Experience with compliance frameworks and standards such as ISO 27001/17, TISAX, CIS, and NIST.
  • Familiarity with IT infrastructure, service/help desk teams, and software development teams.
  • Experience with Crowdstrike Falcon, network vulnerability management tools, static code analysis and open source scanning tools.
• Soft Skills:
  • Proven analytical and critical thinking skills.
  • Demonstrated ability to methodically plan, organize, and manage initiatives.
  • Proven ability to lead security audits and manage external security assessments.
  • Excellent written and verbal communication skills, especially for client-facing documentation and security reporting.

Responsibilities

• Lead the implementation and oversight of security controls interfacing with global teams.
• Maintain and evolve the information security management system (ISMS) in line with frameworks such as ISO 27001/17, TISAX, CIS, and NIST.
• Manage projects and programs to meet security objectives.
• Manage internal and external network penetration tests, vulnerability scans, and remediation processes.
• Coordinate responses to customer security assessments, including RFPs, RFQs, and due diligence questionnaires.
• Oversee centralized compliance controls and governance tools.
• Partner with IT, help desk, and software development teams to ensure secure operations and adherence to best practices.
• Track and report on compliance posture, including risk assessments, audit results, and remediation efforts.
• Monitor changes in regulatory requirements or industry standards and adjust internal controls as needed.
• Promote a culture of security awareness across the organization.

Application Instructions

• Not specified

Company Information

Cerence Inc. (Nasdaq: CRNC and www.cerence.com) is the global industry leader in creating unique, moving experiences for the automotive world. Spun out from Nuance in October 2019, Cerence is a new, independent company that has quickly gained traction as a leader in the automotive voice assistant space, working with all of the world’s leading automakers – from Ford and Fiat Chrysler to Daimler, Audi and BMW to Geely and SAIC – to transform how a car feels, responds and learns. Its track record is built on more than 20 years of industry experience and leadership and more than 500 million cars on the road today across more than 70 languages. As Cerence looks to the future and continues an ambitious growth agenda, we need someone to join the team and help build the future of voice and AI in cars. This is an exciting opportunity to join Cerence’s passionate, dedicated, global team and be a part of meaningful innovation in a rapidly growing industry.

EQUAL OPPORTUNITY EMPLOYER