More jobs:
Job Description & How to Apply Below
The Sovereign Cloud Compliance Manager is responsible for designing, implementing, and monitoring the regulatory compliance framework for sovereign cloud solutions across multiple jurisdictions. This role ensures that data hosting, processing, and operational access meet national, regional, and sector-specific data sovereignty requirements (e.g., EU & US wide regulations, India's DPDP Act). You will bridge the gap between technical infrastructure teams and legal requirements to ensure data remains secure, local, and compliant.
Key Responsibilities
Regulatory Mapping & Strategy: Interpret complex, evolving international data privacy laws (GDPR, DORA, NIS2, US CLOUD Act) and translate them into actionable, technical security controls for sovereign environments.
Compliance-by-Design: Work with engineering and product teams to integrate security and compliance requirements into the cloud architecture lifecycle, ensuring data residency, metadata control, and access restrictions are met.
Audit & Certification Management: Own the preparation and execution of internal and external audits, including ISO 27001, SOC2, Sec Num Cloud , BSI-C5, or regional equivalents (e.g., IRAP, SAMA).
Vendor & Operational Due Diligence: Evaluate third-party providers and internal operational teams to ensure they adhere to local citizenship, security clearance, and residency requirements.
Continuous Monitoring & Risk Mitigation: Implement, document, and manage CAPA (Corrective and Preventive Actions) remediation plans for vulnerabilities and non-compliance findings.
Data Sovereignty Governance: Maintain a register of data flows, ensuring all data, metadata, and logs remain within authorized national boundaries.
Stakeholder Liaison: Act as the primary interface between legal, technical teams, risk management, and regulatory authorities.
Required
Skills & Qualifications
Experience:
15+ years of experience in IT security, risk management, or compliance, with at least 4-5 years focused on cloud compliances.
Sovereign Cloud Knowledge: Deep understanding of sovereign cloud principles:
Data Sovereignty, Operational Sovereignty, and Technology Sovereignty.
Regulatory Knowledge: Proficiency in regulatory and specific national data localization laws
Technical Familiarity: Knowledge of key cloud concepts:
Bring-Your-Own-Key (BYOK), zero-trust architecture, and encryption methods.
Certifications:
At least one of the following is required: CISSP, CISM, CISA, CRISC
Analytical
Skills:
Ability to analyze large volumes of technical data and identify key compliance themes.
Preferred Qualifications
Background in technical engineering with specialization in Law/Compliances will be preferred
Experience with hybrid cloud and Multi Cloud Platform strategies.
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
Search for further Jobs Here:
×