Compliance & Information Security Manager

Position Title: Compliance & Information Security Manager Department: Compliance Location: Remote Reports To: VP of Compliance Installation Made Easy (“IME”) provides software and process management that enable retailers and contractors to offer installed home improvements to homeowners in a convenient, consistent, and affordable manner. IME senior management has over 100 years of retail management and home improvement industry experience. We are seeking a Compliance & Information Security Manager to build and manage our corporate compliance and information security governance program. The role will lead regulatory compliance initiatives, manage audit and certification efforts, and partner closely with Compliance, IT, and Security teams to support a strong risk and compliance posture. The candidate must be able to work independently in a remote environment. Essential Functions: • Manage compliance programs related to PCI DSS, SOC 1 / SOC 2, and related frameworks. • Serve as project manager for external audits and certifications, coordinating internal teams and external auditors. • Maintain compliance with U.S. consumer privacy and data protection laws, including state privacy and breach notification requirements. • Develop and maintain compliance, privacy, and information security policies and documentation. • Review and redline agreements with customers, partners, and vendors, focusing on data protection, security, and compliance terms. • Oversee the maintenance of the company’s certifications and licenses, such as money services licensure and/or business registrations • Support information security governance, risk assessments, vendor risk reviews, and remediation tracking. • Provide compliance support during security incidents and investigations. • Partner cross-functionally and provide compliance guidance and training across the organization. • Perform other duties as required. Minimum Qualifications: • 5+ years of experience in compliance, information security, risk management, or GRC roles. • Hands-on experience managing PCI and SOC audits. • Working knowledge of U.S. consumer privacy and data protection laws. • Experience reviewing and redlining commercial agreements. • Strong project management and communication skills. • Bachelor’s degree in a related field or equivalent experience. Preferred Qualifications: • Certifications such as CISSP, CISM, CRISC, CISA, or CIPP/US. • Experience in a SaaS or software environment. • Familiarity with NIST or ISO 27001 frameworks. Physical Requirements: • Prolonged periods of sitting at a desk and working on a computer. Benefits to working with IME: • 100% remote work environment • Employer provided equipment. • Medical, dental, and vision insurance • Health savings plan includes employer contribution to health savings account. • Medical and dental flexible spending accounts • Company paid basic life, short-term disability, and long-term disability insurance. • 401K plan with employer match • Company matches 100% of the first 4% of salary deferrals. • All contributions, including employer contributions, are 100% vested immediately. • Employee discount program for Electronics, Groceries, Travel, Entertainment, and more • Employee assistance program • Pay on demand. • Critical illness, hospital indemnity, group accident, and legal insurance • Paid time off. • And more! We are an Equal Opportunity and Drug-Free Workplace. The Job Description is not an exhaustive statement of all duties, responsibilities, or qualifications of the job, nor is it intended to limit opportunities for necessary modifications. The Job Description does not constitute an employment contract of any kind. Apply tot his job