Work with private equity and portfolio company clients, consulting on how to apply an information security vision and strategy in alignment with customer business objectives.
Work with customers to assess and address information security risks.
Assist in managing customer security programs including the achievement and/or maintenance of key compliance initiatives such as SOC, ISO27001, NIST, PCI, and SOX.
Crosslake supports changemakers and helps them buy, build, and run better technology. They believe in a programmatic, proactive approach to actively manage technology throughout the investment lifecycle.
Assess and improve client security and IT controls.
Develop policies, processes, and risk assessments aligned to top frameworks like NIST, ISO 27001, and SOC 2.
Translate technical and regulatory requirements into clear, actionable steps for our clients.
Hotman Group is a rapidly growing boutique firm redefining cybersecurity and GRC. They help business leaders earn and keep customer trust through expert guidance and a commitment to quality, fostering a collaborative environment where every voice matters.
Manage SOC 2 Type II audits, serving as the primary point of contact for auditors and collaborators.
Coordinate HIPAA compliance assessments, including risk analyses, policy reviews, and Business Associate Agreement (BAA) management.
Conduct structured gap analyses against applicable frameworks to identify control deficiencies and develop prioritized remediation roadmaps.
Rad AI is transforming healthcare with AI-driven solutions, revolutionizing radiology to save time, reduce burnout, and improve patient care. They have secured over $140M in funding and are recognized as a fast-growing company, fostering transparency, inclusion, and close collaboration.
Lead end-to-end audits: Scope, plan, and execute risk-based IT audits; develop work programs.
Operate in rapidly evolving technology domains: Perform audits in rapidly evolving areas including cybersecurity and cloud architecture.
Drive remediation & improvement: Quantify risks, identify root causes, and recommend realistic improvements to processes and controls.
CDK Global is a leading provider of cloud-based software to dealerships and Original Equipment Manufacturers (“OEMs”) across automotive and related industries. Their cloud-based, software as a service (“SaaS”) platform enables dealerships to manage their end-to-end business operations. They are an Equal Opportunity Employer committed to creating an inclusive workforce where everyone is valued.
Collaborate with the engineering departments to implement security controls from approved security frameworks and drive best IT practices.
Interface with internal partner teams to help drive best practices and compliance.
Evaluate and perform Risk Assessments of new software solutions with internal partners.
Judi Health is an enterprise health technology company providing a comprehensive suite of solutions for employers and health plans. They consolidate all claim administration-related workflows in one scalable, secure platform and are working with clients, rebuilding trust in healthcare in the U.S.
Liaise with the SOX Testing team and key stakeholders to ensure Flywire’s overall compliance with SOX requirements.
Drive efforts to improve SOX IT scoping strategies and develop a comprehensive understanding of applicable IT and business processes.
Evaluate and track reported control deficiencies, root causes, and planned corrective actions in conjunction with IT and business process owners.
Flywire is a global payments enablement and software company that helps clients get paid and their customers pay with ease. With over 1,200 global FlyMates, representing more than 40 nationalities, they are looking for FlyMates to join the next stage of their journey as they continue to grow.
Manage and develop staff members under Product Compliance.
Oversee and contribute to the vulnerability management lifecycle.
Assess and serve as a subject matter expert for regulatory and compliance requirements.
ExtraHop is a company that focuses on network detection and response (NDR) to help organizations stay ahead of emerging threats. They integrate network threat detection, network performance management, intrusion detection, and packet forensics into a single console.
Support the development, implementation, and maintenance of IT compliance policies, standards, procedures, and controls.
Coordinate and support internal and external audits, including preparation of documentation, evidence collection, and remediation tracking.
Perform periodic compliance assessments, gap analyses, and risk assessments against applicable frameworks and standards.
Xcelerate Solutions, founded in 2009 and located in McLean, VA, is a fast-growing company. The company is defined by a diversified workforce of dynamic and versatile professionals, with growth and development opportunities that contribute to individual and firm growth.
Manage certification frameworks, including CMMC, NIST, and SOC 2.
Develop, track, and maintain security and compliance policy documents.
Analyze and review system configurations for security vulnerabilities.
Rubris Inc. provides transformational legal technology and solutions for complex business and legal processes in the mass tort industry. They streamline and automate processes to improve efficiency while delivering unprecedented insights and analytics.
Assist in the preparation and execution of third-party audits and assessments.
Support the development and maintenance of Eltropy’s GRC program.
Conduct and manage vendor security assessments, maintain risk tracking, and ensure third-party compliance.
Eltropy is a FinTech company aiming to transform financial service access. They provide an AI-enabled digital conversations platform for community financial institutions to enhance operations, engagement, and productivity.
Lead security governance, risk management, and compliance efforts.
Oversee security operations and incident response.
Partner with IT, Clinical Operations, Privacy, and Compliance to ensure regulatory requirements and industry frameworks.
Tuesday Health is a value-based palliative care provider group dedicated to transforming serious illness and end-of-life care. Through their leading-edge care model, Tuesday Health is shaping the future of community-based palliative care nationwide.
Collaborate with business leadership, Legal, Procurement, and Cyber to review terms and conditions.
Track status of risk remediations in the risk register with business stakeholders.
Contribute to overall program enhancements and drive automation with various IT and Cybersecurity stakeholders.
NBCUniversal is a leading global media and entertainment company creating content across film, television, and streaming. They operate theme parks and own brands like NBC, Telemundo, and Universal Pictures. The company values improving communities and promotes an inclusive culture to reflect the diversity of the world.
Perform physical pentests and social engineering analysis.
Evaluate the impact of new development on the operational security posture of IT systems.
Propose, assess, coordinate, implement, and enforce information systems security policies, standards, and methodologies.
Eurofins Scientific provides analytical testing services to clients across multiple industries, ensuring safety and sustainability. With 55,000 staff across 900 laboratories in over 50 countries, it is a global leader in food, environment, pharmaceutical, and cosmetic product testing.
Lead and manage SOC 1 and SOC 2 examinations under AICPA standards.
Support end-to-end SOX planning and execution, including IT system scoping.
Act as a trusted advisor to Security, IT, Infrastructure, Engineering, Data, and Finance teams.
Kraken is a mission-focused company rooted in crypto values. They are committed to accelerating the global adoption of crypto, so that everyone can achieve financial freedom and inclusion. As a fully remote company, they have Krakenites in 70+ countries who speak over 50 languages.
Develop and refine performance methodologies that support the cybersecurity requirements.
Oversee independent assessments and review Security Impact Analyses (SIA).
Incorporate compliance data into the Governance, Risk, and Compliance Tool (GRCT).
SkyePoint Decisions is a leading Cybersecurity Architecture and Engineering, Critical Infrastructure and Operations, and Applications Development and Maintenance IT service provider. It is an established ISO 9001:2015 and ISO/IEC 27001:2013 certified small business and appraised at CMMI Level 3 for Services and Development.
Own and lead enterprise-level compliance programs.
Define and mature ISO 27001 and ISO 42001 control environments and SOX 404 ITGCs.
Act as a subject matter expert and internal consultant for various teams.
Spring Health aims to eliminate mental health barriers with its clinically validated technology, Precision Mental Healthcare. They partner with over 450 companies, providing care for 10 million people and are valued at $3.3 billion.
Oversee third-party and internal risk assessments to support enterprise information security and governance, risk, and compliance (GRC) initiatives.
Manage vendor due diligence, maintain an accurate risk register, and partner with internal stakeholders on mitigation strategies.
Drive continuous improvement of the risk and compliance framework.
Concorde Career Colleges is committed to a policy of Equal Employment Opportunity and will not discriminate against an applicant or employee based on race, color, religion, religious creed, national origin, ancestry, sex, age, veteran or military status, or any other legally protected characteristic. Concorde Career Colleges offer short career-focused programs preparing students for the healthcare industry.
Lead audit readiness and execution for SOC 2, ISO 27001, PCI DSS, and other compliance frameworks relevant to our customer base.
Manage the compliance lifecycle in a compliance platform (such as Vanta, Drata, etc.), including evidence collection, control mapping, and continuous monitoring.
Coordinate cross-functional audit activities with engineering, product, security, infrastructure, and support teams to gather evidence and remediate findings.
Supabase is a born-remote and open-source-first company that provides tools developers love. They have 180+ team members across 40+ countries, and deeply believe in the open-source ecosystem and strive to support existing tools and communities.
Execute IT audit engagements, including audit planning, risk assessment, testing, documentation, and reporting.
Provide technical expertise on mainframes, privileged access management, system configuration, and resiliency.
Advise on security and compliance issues, including access control frameworks, audit logging, traceability, and cybersecurity fundamentals.
Jobgether uses an AI-powered matching process to ensure applications are reviewed quickly, objectively, and fairly. They identify the top-fitting candidates and share the shortlist with the hiring company.
Seek out opportunities to evangelize AuditBoard’s value to partners.
Lead compelling demonstrations and training of AuditBoard’s IT Risk and Compliance (ITRC) solutions to AuditBoard’s strategic partners, tailored to a partner’s GTM approach.
Maintain accurate mapping of partners’ field teams, penetration rates across our practice lines, and identify opportunities to increase our footprint.
AuditBoard is the leading audit, risk, ESG, and InfoSec platform on the market, surpassing $300M ARR and continuing to grow. More than 50% of the Fortune 500 leverage their award-winning technology to move their businesses forward with greater clarity and agility. They are one of the 500 fastest-growing tech companies in North America.