Senior Trust Assurance Specialist

We are seeking a Senior Trust Assurance Specialist to join the Trust Office team at DigiCert. The successful candidate will have at least 5 years of experience in compliance, risk management, and leading internal and external audits, with a strong background in ISO 27001, ETSI, and other relevant cybersecurity standards. This role requires an individual with strong knowledge of regulatory frameworks, exceptional analytical and organizational skills and the ability to effectively communicate and collaborate with internal and external stakeholders. The role will report to DigiCert's Head of Compliance and will be part of the Trust Office team.

• Regulatory Compliance: Ensure compliance with WebTrust for CAs, ISO 27001, NIST 800-53 r5, NIST 800-63, FISMA, and other regulatory and industry frameworks.
• Audit and Assessment Management: Prepare for and lead internal and external audits, including SOC 2, WebTrust, and other compliance reviews.
• Risk Management: Provide input into DigiCert's risk management program.
• Policy Development: Provide input and review for relevant DigiCert internal policies and procedures. Ensure appropriate controls are designed and implemented throughout the environment to comply with security policies and procedures.
• Stakeholder Collaboration: Work closely with Security, IT, Legal, and Operations teams to ensure compliance objectives are met.
• Stay informed of emerging regulatory trends and changes, advising senior on potential impacts and necessary adjustments to the compliance program.
• Serve as a liaison with relevant regulatory bodies, agencies, and external auditors, managing communications and coordinating inspections or investigations.
• Collaborate with Legal, Finance, HR and other departments to ensure cohesive compliance strategies and responses to regulatory issues.
• Help foster a culture of compliance and security throughout the organization.
• Any other similar related activities as assigned.

• Minimum bachelor's degree in law, compliance, computer science or related field.
• 5+ years of experience in compliance, risk management, or internal audit, preferably in a cybersecurity, PKI, or cloud environment.
• Strong knowledge of PKI, digital certificates, and cryptographic security principles.
• Experience with standards such as WebTrust for CAs, SOC 2, ISO 27001, FIPS 140-2/3, and NIST frameworks (800-53 r5, 800-63).
• Experience engaging with regulatory bodies, auditors, and external auditors.
• Experience writing and evaluating control design.
• Certifications such as CISSP, CISM, CISA or CRISC are highly desirable.
• Excellent analytical, organizational and communication skills.
• Experience with compliance and risk management software and the ability to leverage technology for efficient compliance monitoring and reporting.

• Native, bi-lingual or business proficiency in Swiss German or German.

We're a leading, global security authority that's disrupting our own category. Our encryption is trusted by the major ecommerce brands, the world's largest companies, the major cloud providers, entire country financial systems, entire internets of things and even down to the little things like surgically embedded pacemakers. We help companies put trust - an abstract idea - to work. That's digital trust for the real world.

• Provident Fund
• Medical Aid + Gap Cover
• Employee Assistance Program
• Gym Reimbursement
• Life Insurance
• Disability Insurance
• Sabbatical