Fresh Openings at DigiCert, Inc.

Job summary

• We are seeking a Trust Assurance Specialist to join the Trust Office team at DigiCert. This role is responsible for owning defined compliance and assurance areas, including audit execution, control management, and regulatory alignment.
• The successful candidate will have a minimum of 5 years of experience in compliance, risk management, or audit, with the ability to independently manage audit and control activities and engage stakeholders across the organization.
• This role reports to the Head of Compliance and works closely with cross-functional teams across Security, IT, Legal, and Operations.

What you will do

Audit & Assurance Support

• Own and manage assigned external (e.g., SOC 2, WebTrust) and customer audits
• Plan audit activities, coordinate stakeholders, and ensure timely delivery of evidence
• Track, manage, and drive remediation of audit findings

Regulatory Compliance

• Ensure ongoing compliance within assigned frameworks (e.g., WebTrust for CAs, SOC 2, ISO 27001, NIST)
• Interpret regulatory requirements and ensure controls align with both regulatory expectations and internal policy frameworks 

Control Management

• Design, document, and evaluate controls to ensure effectiveness and compliance
• Perform and oversee control testing within assigned areas
• Identify control gaps and drive remediation efforts

Risk & Governance Support

• Provide input into risk assessments and support broader risk management activities.
• Assist in maintaining compliance documentation and reporting.

Stakeholder Collaboration

• Partner with internal teams (Security, IT, Legal, HR, Operations) to support compliance initiatives.
• Act as a point of contact for audit-related queries within assigned areas.

Continuous Improvement

• Stay informed on relevant regulatory and industry developments.
• Identify opportunities to improve compliance processes, tools, and reporting.

General

• Support a culture of compliance and security awareness across the organization.
• Perform other related duties as assigned.

What you will have

• Bachelor’s degree in Law, Compliance, Information Security, Computer Science, or a related field
• Minimum 5 years of experience in compliance, risk management, audit, or related roles
• Experience managing audits and working with frameworks such as SOC 2, ISO 27001, WebTrust, or NIST
• Experience in control design, documentation, and testing
• Strong analytical and problem-solving skills
• Excellent communication and stakeholder management skills
• Ability to work independently and manage multiple priorities

Nice to have

• Exposure to PKI, cybersecurity, or cloud environments
• Progress toward or attainment of certifications such as CISA, CISM, CRISC, or CISSP

go to method of application »

Job summary

• We are seeking a Risk Manager to join the Trust Office team at DigiCert. This role is responsible for driving the continued development and operation of DigiCert’s risk management program by implementing consistent risk processes, facilitating risk assessments, and supporting effective oversight of operational and technology risks.
• The Risk Manager will work closely with cross-functional stakeholders to identify, assess, and manage risk across the organization. The role will also support DigiCert’s Third-Party Risk Management (TPRM) program and contribute to risk reporting and governance activities.
• This position reports to the Head of Compliance & Risk and will manage a small team of risk analysts supporting risk management and third-party risk activities.

What you will do

• Support the ongoing development and maturity of DigiCert’s risk management program and associated processes.
• Facilitate risk identification and assessment activities across business and technology functions.
• Maintain and update the centralized risk register, ensuring risks are clearly documented, prioritized, and assigned to accountable owners.
• Work with business leaders to evaluate risk exposure and support the development of practical mitigation strategies.
• Support internal audits, external audits, and regulatory examinations related to risk management practices.
• Assist with the development of risk reporting and dashboards for senior leadership and governance forums.
• Collaborate with Security, IT, Compliance, Legal, and operational teams to identify and address technology and operational risks.
• Support the integration of acquired entities into DigiCert’s risk management framework.
• Support DigiCert’s Third-Party Risk Management (TPRM) program, including vendor risk assessments and ongoing monitoring activities.
• Assist in improving risk processes, documentation, and governance practices to ensure scalability and consistency.
• Own the quality, consistency, and timeliness of risk assessments and risk data
• Ensure effective execution of risk processes across the organization

What you will have

• Bachelor’s degree in Risk Management, Information Security, Business, Law, or a related field.
• 9+ years of experience in risk management, compliance, governance, or related roles.
• Experience supporting risk management programs in technology-focused or regulated organizations.
• Familiarity with risk management frameworks such as ISO 31000, COSO, or NIST.
• Experience supporting risk assessments, risk registers, and risk reporting.
• Experience supporting Third-Party Risk Management (TPRM) processes is preferred.
• Strong analytical and problem-solving skills.
• Strong written and verbal communication skills.
• Ability to collaborate effectively across technical and business teams.
• Relevant certifications such as CRISC, CISA, CISSP, or CISM are beneficial.

Benefits

• Provident Fund
• Medical Aid + Gap Cover
• Employee Assistance Program
• Gym Reimbursement
• Life Insurance
• Disability Insurance