Security Compliance Senior Manager

Company Profile

nLighten is a European platform of distributed edge data centers, designed to meet the growing demand for AI, 5G, and hybrid cloud deployments. As a rapidly expanding provider, we offer scalable colocation hubs and best‑in‑class energy solutions across Europe. Our innovative and sustainable approach to digital infrastructure ensures reliability, efficiency, and future‑ready solutions for our clients.

nLighten currently operates 34 data centers across 7 European countries, with an ambition to expand to 100 sites within the next 3–4 years.
Learn more: www.nlighten.com

About the Role

We are seeking an experienced Senior Manager Security Compliance to lead, evolve, and maintain the Information Security Management System (ISMS) across nLighten’s European data center portfolio.

You will shape and execute our ISMS strategy, ensure regulatory alignment, oversee audits, and act as a subject‑matter expert for internal stakeholders. This role is central to embedding a strong security compliance culture while supporting both operational teams and customer‑facing requirements.

You will also mentor and guide country‑level compliance representatives and help drive a consistent governance framework across the organization.

Key Responsibilities

Governance & Strategy

• Lead the development, implementation, and continuous improvement of the ISMS in alignment with ISO/IEC 27001 and relevant standards.
• Define the long‑term ISMS Compliance roadmap, ensuring alignment with corporate security strategy and regulatory expectations.
• Maintain the organisation’s Statement of Applicability, risk treatment plans, and overarching security policies.

Audit Management

• Own and manage internal and external audit programs across Europe.
• Perform internal audits and support external audits, including evidence review and follow‑up actions.
• Oversee the GRC Tool used for audit and compliance activities.
• Generate audit KPIs and translate findings into actionable improvements.

Risk Management & Business Continuity

• Oversee the full lifecycle of information security risk assessments across datacentre operations, infrastructure, IT, and supporting services.
• Ensure risk owners and execute mitigation plans and track closure of identified risks.
• Provide SME guidance on Business Continuity Management (BCM) relevant topics.

Certification Management

• Own and manage nLighten’s ISMS certification portfolio which currently includes: ISO27001, PCI-DSS, ISO9001, ISAE3402 SOC1, HDS, FINMA, BSI IT-Grundschutz, EN50600, and others as required.

Stakeholder Engagement

• Partner with Operations, EHS, Security, Legal, IT, and Network teams on compliance topics.
• Provide training and awareness programs to strengthen the internal compliance culture.
• Present ISMS performance metrics, audit results, and risk posture to executive leadership.

Regulatory Compliance

• Lead or support compliance initiatives for GDPR, NIS2, DORA, EU AI Act, and related frameworks.
• Proactively monitor regulatory changes and ensure nLighten is ahead of compliance requirements.

What We’re Looking For

Education & Experience

• Bachelor’s degree in Computer Science, Cybersecurity, Information Systems, or a related field, or 8+ years of directly relevant experience.
• Proven experience leading regulatory audits, internal/external assessments, and customer audit.
• Experience managing and owning GRC platforms.
• Background in data center environments or other critical infrastructure is a plus.

Technical & Security Expertise

• Deep knowledge of ISO 27001/27002, GDPR, IT‑Grundschutz, SOC1/SOC2, and PCI‑DSS.
• Strong understanding of information security, risk management, and data protection principles.
• Familiarity with compliance programs for GDPR, NIS2, DORA, EU AI Act, etc.

Skills & Competencies

• Excellent verbal and written communication skills.
• Ability to collaborate across diverse teams and stakeholders.
• Strong attention to detail, structured working style, and ability to operate independently.
• Proactive, self‑motivated, and comfortable driving initiatives in a fast‑growing environment.

Languages & Mobility

• Fluent in English; additional European languages are an advantage.
• Willingness to travel within Europe as business needs require.