Audit Lifecycle Leadership: Lead the end-to-end execution of large-scale consolidated audits (ISO 27001/17/18, SOC 2/3, PCI-DSS, HIPAA, etc.). Manage external auditor relationships and hold accountability for successful, zero-finding audit outcomes.
Operational Architecture: Beyond maintaining current documentation, you will redesign our compliance "source of truth." Lead the adoption of Git-based workflows, Markdown/YAML documentation, and centralized dashboarding to ensure our data is audit-ready and observable at all times.
Cross-Functional Diplomacy: Act as the primary compliance liaison between Product Security, SRE, Legal, and HR. Proactively resolve complex blockers, negotiate evidence requirements, and facilitate technical tabletop exercises for BC/DR and IR.
Team Mentorship: Serve as a force multiplier. Mentor Associate and Junior Program Managers on audit best practices, interview preparation, and stakeholder communication. You will be expected to raise the bar for the entire team's output.
Strategy & Roadmap Contribution: Influence our long-term compliance roadmap by identifying systemic bottlenecks, planning for new regulatory requirements (e.g., EU AI Act, QC1/QC2), and supporting the global expansion of our hybrid cloud offerings.
Requirements
Experience: 5+ years of experience in GRC, Information Security, or IT Program Management. Proven history of leading large-scale external audits in cloud-native or SaaS environments.
Deep Framework Expertise: Subject matter expertise in with current industry frameworks (PCI-DSS, ISO, SOC, HIPAA etc).
Technical Proficiency: Experience in Git, Markdown, and YAML is required, as our compliance documentation lives in version control.
Strategic AI Literacy: Demonstrated ability to leverage AI/LLM tools (e.g., Gemini, Cursor, NotebookLM) to automate compliance tasks.
Project Management & Conflict Resolution: A track record of successfully navigating high-pressure audit cycles and resolving conflicting priorities across engineering and security teams.
Leadership Presence: Ability to represent Red Hat compliance interests confidently in front of external auditors and internal executive stakeholders.
Why You'll Thrive Here
Build the Future: You aren't just maintaining status quo compliance; you are building a modern, automated compliance infrastructure.
Cross-Pollination: You will work directly with our engineering teams, meaning your input directly impacts the security and compliance roadmap of our products.
High Autonomy: We value proactive leaders who identify problems and propose technical solutions before they become audit findings.
The salary range for this position is $118,600.00 - $195,680.00. Actual offer will be based on your qualifications.
Pay Transparency
About Red Hat
Benefits
Remote work optionsEquity / stock optionsPerformance bonus
Additional Information
Red Hat connects an innovative community of customers, partners, and contributors to deliver an open-source stack of trusted, high-performing solutions. We offer cloud, Linux, middleware, storage, and virtualization technologies, along with award-winning global support and implementation services. As a rapidly growing company, we support more than 90% of Fortune 500 companies.
Red Hat embraces a remote working culture and promotes work flexibility; this team is largely remote, and you are welcome to work from home.
Red Hat's Product Security Compliance team is looking for a Senior Compliance Manager to lead complex, multi-framework audit programs for our flagship cloud platforms. You will act as a primary lead for our large-scale external audits and a driver for our strategic shift toward compliance automation. This role is ideal for a seasoned compliance professional who is technically curious, capable of navigating cross-functional friction, and eager to architect a continuous audit-ready ecosystem.
Red Hat · Remote