Compliance Team Lead
About the role
Integration meets Innovation

At Celigo, we believe integration should empower - not exhaust - innovation. As a modern Integration and Automation Platform (iPaaS), we're on a mission to simplify how companies integrate, automate, and optimize processes. Powered by game-changing technology like runtime AI and prebuilt, mission-critical integrations, Celigo is redefining how businesses connect their world.

The Compliance Team Lead is an individual contributor role positioned at the emerging lead level, designed to own the day-to-day execution of Celigo's security compliance and risk operations. This role enables the Senior Director to operate strategically by taking ownership of core compliance workstreams: SOC 2 audit coordination, privacy rights fulfillment, policy governance, third-party risk assessments, and security questionnaire responses.

A significant focus of this role will be supporting Celigo's ISO 27001 and ISO 42001 certification initiative. Under the direction of the Senior Director, this role will partner with an external advisory firm to build Celigo's integrated Information Security Management System (ISMS) and Artificial Intelligence Management System (AIMS) and will then own the ongoing management, maintenance, and operationalization of those management systems post-certification.

This role also provides task-level guidance to the Security Risk & Compliance Analyst and supports their professional development. Both roles report directly to the Senior Director, Information Security & Compliance.

What would you do if hired?

SOC 2 Audit Readiness & Compliance Operations
- Lead day-to-day SOC 2 Type II audit activities, including evidence collection, artifact management, control testing coordination, and auditor liaison for both the Integrator.io and CloudExtend platforms
- Maintain the compliance calendar and ensure all control activities, access reviews, training attestations, and evidence requirements are completed on schedule
- Oversee the administration of the KnowBe4 policy attestation platform; track completion rates and follow up on outstanding attestations to support audit evidence requirements
- Lead the coordination and tracking of compliance evidence requirements across business units; document gaps and escalate to the Senior Director
- Maintain and update the Celigo Risk Register, including open risk items, remediation timelines, and status

ISO 27001 & ISO 42001 Program Build and Management
- Serve as a primary internal resource supporting the build of Celigo's ISO 27001 ISMS and ISO 42001 AIMS under the leadership of the Senior Director and in partnership with an external advisory firm
- Contribute to gap assessments, control mapping, documentation development, and stakeholder interviews as part of the certification readiness program
- Own the ongoing management and operationalization of the ISMS and AIMS post-certification, including management reviews, internal audit coordination, control monitoring, and annual recertification preparation
- Maintain ISMS and AIMS documentation, ensuring policies, procedures, and evidence repositories remain current and audit-ready
- Serve as the internal subject matter resource for ISO 27001 and ISO 42001 requirements as Celigo's program matures

Privacy, DSAR & Regulatory Compliance
- Handle Data Subject Access Requests (DSARs) in compliance with GDPR, UK GDPR, CCPA, and other applicable privacy regulations; maintain response logs and ensure timely fulfillment within regulatory deadlines
- Support privacy compliance activities, including PIA coordination for new AI tools, DPA review, and regulatory change tracking
- Monitor emerging regulatory requirements relevant to Celigo's operating environment, including the Colorado AI Act and other applicable frameworks

Third-Party Risk Management
- Execute third-party vendor risk assessments in alignment with Celigo's tiered risk framework; review SOC 2 reports, security questionnaires, and DPAs for material gaps
- Maintain the vendor inventory and ensure all assessments are completed within the required cadences
- Lead security review intake for new AI tools and OAuth-connected applications; flag findings and escalate to the Senior Director

Policy Governance & Documentation
- Own Celigo's security and privacy policy library, managing annual review cycles, stakeholder coordination, tracked-change workflows, and version control
- Identify gaps between policy requirements and current operational practice; develop remediation tracking and monitor progress
- Maintain compliance documentation repositories (Wiki, Google Drive) and ensure accuracy and accessibility of all compliance artifacts

Customer-Facing Security & Team Coordination
- Lead responses to client and prospect security, privacy, and compliance questionnaires; coordinate with the Security Risk & Compliance Analyst on intake and response workflows
- Provide day-to-day task guidance, work assignments, and professional development support to the Security Risk &