Security Advisor I
HighRadius
About Us
HighRadius provides a single Agentic AI platform for the Office of the CFO. It integrates 180+ agents that orchestrate end-to-end processes across Order-to-Cash, Close & Reconciliation, Consolidation & Reporting, Accounts Payable, B2B Payments, and Treasury. HighRadius guarantees operational KPI improvements by mapping them to specific agents on the platform. With a 3-6 month go-live period, HighRadius drives value creation at 1300+ enterprises such as 3M, Unilever, Bristol-Myers Squibb Company, Red Bull, Lufthansa, and more. HighRadius has been consistently recognized as a market leader by Gartner, IDC, and Forrester.
Job Summary:
We are seeking a proactive Security Advisor to join our Risk & Compliance team. This critical role will lead our comprehensive audit program, managing third-party (ISO 27001, ISO 42001, PCI DSS, ISO 27701), client and internal audits from end to end. This individual will also be a key driver in defining and maturing our risk management framework. The ideal candidate is a hands-on GRC professional who will also contribute to the continuous improvement of our security posture by reviewing and enhancing company policies, procedures, and standards. We require an expert with deep, hands-on experience using GRC tools and a strong understanding of the Unified Control Framework (UCF). Preferred candidates will also have a good working knowledge of NIST 800-53, and HIPAA regulations.
Responsibilities:
● Lead External Certifications: Manage the end-to-end lifecycle of third-party audits, ensuring successful certification and maintenance for ISO 27001, ISO 42001 (AI), ISO 27701 (Privacy), and PCI DSS. ● Client & Internal Audits: Act as the primary lead for al client-initiated security audits and questionnaires, while also planning and executing a robust schedule of internal compliance assessments. ● Audit Remediation: Coordinate with cross-functional teams to address audit findings, tracking non-conformities to closure and ensuring evidence of remediation. ● Framework Development: Define, implement, and actively mature the organization's Risk Management Framework to identify, evaluate, and mitigate security risks. ● Policy Lifecycle Management: Proactively review, draft, and enhance company-wide security policies, procedures, and standards to ensure they reflect the current threat landscape and business needs. ● Continuous Improvement: Drive the continuous evolution of the company’s security posture by identifying gaps in governance and recommending strategic improvements. ● GRC Tool Administration: Leverage deep, hands-on experience to implement and optimize GRC tools, streamlining compliance workflows and evidence collection. ● Unified Control Framework (UCF): Utilize the Unified Control Framework to map controls across various standards (ISO, PCI, NIST, HIPAA) to reduce redundancy and increase efficiency ("test once, satisfy many"). ● Regulatory Compliance: Ensure organizational alignment with industry-specific regulations and frameworks, specificaly NIST 800-53 and HIPAA, alongside the core ISO/PCI standards.
Don't want to miss the next one?
Subscribe to daily email alerts for roles matching your interests.