🛠 Tech Stack

💼 About This Role

You'll architect and automate Replit's compliance-as-code program, embedding security controls into the agentic software creation platform. Your work will directly enable enterprise sales by building customer trust through automated evidence collection. This role offers high impact at a high-growth startup where you'll shape GRC strategy from the ground up.

🎯 What You'll Do

• Architect compliance-as-code and automated evidence collection systems
• Partner with engineering to bake compliance requirements into design phase
• Manage security risk register and quantify business risks
• Lead external auditor relationships and customer security reviews

📋 Requirements

• 8+ years experience in GRC or Information Security
• Technical fluency in cloud (GCP/AWS) and security architecture
• Deep experience with SOC 2, ISO 27001, PCI, HIPAA, Privacy laws
• GRC automation tools experience (e.g., Vanta, Drata)

✨ Nice to Have

• Familiarity with FedRAMP, ITAR, or AI regulation

🎁 Benefits & Perks

• 💰 Competitive Salary & Equity
• ⚕️ Health, Dental, Vision and Life Insurance
• 🚼 Paid Parental, Medical, Caregiver Leave
• 🏖️ Flexible Time Off (FTO) + Holidays
• 🚀 Quarterly Team Gatherings

📨 Hiring Process

Estimated timeline: 2-4 weeks · AI estimate

1. 1Phone Screen· 30 min
2. 2Technical Interview· 60 min
3. 3Hiring Manager Interview· 45 min