🛠 Tech Stack

💼 About This Role

You'll build and run our compliance program end-to-end, owning the GRC calendar, Vanta instance, policy library, and audit evidence. You'll unblock enterprise deals by turning around security questionnaires quickly. This role combines operational compliance with a sales-forward mindset to earn customer trust.

🎯 What You'll Do

• Own SOC 2 audit end-to-end, including transition to rolling 12-month window
• Maintain and continuously improve policy library and GRC calendar
• Manage inbound security questionnaire queue for enterprise sales
• Maintain risk register and lead regular risk review cadences

📋 Requirements

• 3–5 years of GRC experience in a SaaS or technical environment
• Hands-on experience with multiple SOC 2 audits owning evidence
• Experience with AWS and GCP infrastructure and IaC
• Strong written communication for customer-facing policy writing

✨ Nice to Have

• Relevant certifications: CISA, CISSP, CISM, CCSK, or similar
• Familiarity with ISO 27001, GDPR, or FedRAMP frameworks
• Experience owning or heavily using a GRC tool (Vanta preferred)

🎁 Benefits & Perks

• 🏖️ Unlimited PTO
• 🏥 Health insurance
• 🏡 Remote-friendly (though role is on-site)
• 💲 Equity
• 📈 401k matching

📨 Hiring Process

Estimated timeline: 2-4 weeks · AI estimate

1. 1Recruiter Call· 30 min
2. 2Technical Interview· 1 hour
3. 3Final Interview· 1 hour