Own day-to-day execution of SOC 1, SOC 2, PCI DSS, and ISO 27001 readiness and audit cycles.
Develop and maintain policies, procedures, risk assessments, control narratives, and supporting documentation.
Facilitate risk assessments for systems, vendors, products, and business initiatives.
Astra is building mission-critical infrastructure for moving money at scale. Their platform processes billions in annual transaction volume with 99.9%+ uptime, powering real-time transfers, bank debits, card disbursements, and complex financial compliance systems.
Lead SOC 1 & SOC 2 (Type I/II) control scoping, testing, and reporting.
Act as primary client contact, translating technical control requirements into clear, actionable guidance.
Mentor and supervise junior auditors for alignment with standards.
Jobgether uses an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements. Their system identifies the top-fitting candidates, and this shortlist is then shared directly with the hiring company.
Acting as the primary subject matter expert for all security and compliance inquiries.
Taking end-to-end ownership of certification lifecycles, such as ISO 27001 and Cyber Essentials.
Working closely with the GRC team to improve existing programs.
Sword Health is shifting healthcare from human-first to AI-first through its AI Care platform, making world-class healthcare available anytime, anywhere. They have over 1,000 enterprise clients and are backed by 42 clinical studies and over 44 patents.
Lead the configuration and management of GRC tools to ensure integration with security systems.
Manage the main dashboard for SOC 2 reporting, ensuring accuracy and compliance.
Develop and maintain a comprehensive risk management program and conduct risk assessments.
Engine is transforming business travel into something personalized, rewarding, and simple. They have over 20,000 companies relying on Engine to support over 1 million travelers and billions in annual bookings each year and have been recognized as one of the fastest-growing travel and fintech platforms in North America.
Coordinate compliance with standards (PCI, HIPAA, ISO 27002, SOC 1/2/3, FISMA/FedRAMP, etc.) under guidance.
Maintain evidence repositories and partner with SMEs to refresh artifacts.
Coordinate audits and certification efforts, partnering with support teams on timelines and resourcing.
Experian is a global data and technology company, powering opportunities for people and businesses around the world. As a FTSE 100 Index company listed on the London Stock Exchange (EXPN), they have a team of 22,500 people across 32 countries.
Design and test prompts to shape AI behavior and review outputs.
Build and maintain the “truth layer” for real-world GRC answers.
Evaluate and improve AI quality, ensuring responsible AI use.
Vanta helps businesses earn and prove trust by continuously monitoring and verifying their security. They empower companies to practice better security and prove it with ease, with a kind and talented team that consists of both people with and without prior security experience.
Guide and review work completed by junior team members
Perform walkthroughs, testing, and documentation for SOC 2, SOC 1, and HIPAA engagements
Insight Assurance is a global audit firm transforming how organizations achieve cybersecurity and compliance. Founded by former Big 4 (EY) professionals, they deliver next-generation audit services and are a fast-growing global audit firms with 170+ professionals.
Lead the development, implementation, and continuous improvement of a comprehensive healthcare privacy and compliance program.
Ensure all organizational operations meet and exceed regulatory, governance, and client standards, including HIPAA, HITRUST, SOC2, and Medicare/Medicaid requirements.
Proactively identify and mitigate compliance risks across the enterprise.
EPIC Insurance Brokers & Consultants is one of the fastest-growing firms in the insurance industry. They have over 3,000 employees nationwide and are headquartered in San Francisco. Their core values are: Owner mindset, Inspire trust, Think big, and Drive results.
Collaborate with cross-functional teams to maintain and improve the company's comprehensive compliance program.
Manage the end-to-end audit process for SOC 2 compliance, ensuring timely and accurate completion.
Oversee the Information Security Risk Management Program, documenting identified risks, coordinating mitigation efforts.
airSlate is a global SaaS technology company that develops no-code workflow automation, electronic signature, and document management solutions. They have teammates in more than 20 countries across three continents and main hubs in the United States, Poland, Romania, Ukraine and Philippines.
Lead customer due diligence questionnaire (DDQ) and RFP response process and third-party risk management process.
Support enterprise sales with technical customer security discussions.
Lead SOC 2 Type II audit preparation, evidence collection, and remediation.
Vanilla is an AI-powered estate advisory platform that aims to modernize estate planning. They are a startup distributed across the U.S. with a mix of fully remote and hybrid roles that embraces flexibility and values curious builders and problem-solvers.
Deliver world-class cyber security assessment and advisory services across multiple Compliance offerings.
Work effectively as a team member on large engagements and remain current on technical knowledge.
Demonstrate GuidePoint’s Core Values at all times and achieve and maintain relevant cyber security and audit certifications.
GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions and minimize risk. Since its inception in 2011, GuidePoint has grown to over 1000 employees and firmly-defined core values drive all aspects of the business, which have been paramount to the company’s success and establishment of an enjoyable workplace atmosphere.
Generate and provide IT documentation for internal and external audits.
Follow up on resolution of audit findings related to IT compliance.
We are the company that cares – for our staff, for our clients, for our partners and for the quality of the work we do. A dynamic, global company founded in 1995, we bring together more than 2,900 driven, dedicated and passionate individuals.
Own our information security strategy and build our security roadmap.
Maintain our ISO 27001 certification, preparing for SOC 2 readiness.
Operate strategically and tactically, developing policy and reviewing cloud configurations.
ApprovalMax is redefining how finance teams manage the Money Out cycle — from purchase orders and supplier bills to employee expense management and payroll. Trusted by 18,000+ businesses worldwide, our platform empowers companies to automate financial controls, ensure compliance, and scale efficiently.
Support internal and external audits by helping coordinate documentation, timelines, and follow up items
Collaborate with cross functional partners to gather information and support compliance reviews
Monitor daily, weekly, and monthly quality and oversight reports to ensure regulatory and internal deadlines are met
Spring Health is on a mission to revolutionize mental healthcare by removing every barrier. They partner with over 450 companies and brands you use and know like Microsoft, Target, and Delta Airlines, providing care for 10 million people.
Play a critical role in the technical development, implementation, and maintenance of the GRC platform.
Drive integration strategies between GRC platforms and enterprise systems for automated data sharing and reporting.
Provide expert guidance and leadership on GRC technical matters to senior leadership and business stakeholders.
Jobgether is a platform helping candidates find jobs. They use AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements.