Design and implement automation, dashboards, and integrations that power our Governance, Risk, and Compliance (GRC) operations.
Operationalizing and expanding our GRC platform (Drata), building AI-assisted workflows that automate evidence collection, control monitoring, and vendor risk.
Manage project delivery across multiple GRC automation initiatives simultaneously — maintaining clear scope, milestones, and stakeholder visibility without sacrificing quality.
Own the governance framework for Life360's agentic systems and define the policies and control sets that govern how agents are built and deployed.
Take an agentic approach to GRC itself by automating evidence collection, drafting control narratives and triaging vendor questionnaires using AI and internal tooling.
Build the policy program as code with policies in Git and requirements expressed as enforceable rules and automated checks.
Life360's mission is to keep people close to the ones they love. They have a category-leading mobile app and other tracking devices to empower members to protect people, pets and things. Life360 has more than 500 remote-first employees and is growing.
You'll partner directly with the Senior Manager of GRC to lead our commercial audit programs, from evidence collection and control testing to deep technical walkthroughs with external auditors and internal SMEs.
You'll own the question of what "good evidence" looks like across SOC 2 Type II, ISO 27001/27017/27018, and ISO 27701, and you'll know where to find it in the systems that generate it.
Help build the AI-assisted workflows and automation that make our audit programs more efficient and our compliance posture more continuous.
1Password is building the foundation for a safe, productive digital future. They ensure every identity is authentic, every application sign-in is secure, and every device is trusted. Over 180,000 businesses trust 1Password. We prioritize collaboration, clear and transparent communication, receptiveness to feedback.
Partner with Security Engineering, Risk, Product, and Infrastructure teams to bake security and compliance into the process.
Dive deep into the security stack to identify execution blockers and actively architect the technical solutions to implement them.
Define the technical milestones for high-stakes initiatives like Zero Trust and IAM overhauls, translating a broad vision into a precise execution roadmap.
Human Interest aims to provide all workers access to retirement benefits. They are a high-growth fintech company that is financially backed by investors such as BlackRock, TPG, and SoftBank.
Monitor security findings and support remediation workflows.
Develop scripts and automation to improve security workflows.
GuidePoint Security provides trusted cybersecurity expertise, solutions, and services. They help organizations make better decisions and minimize risk with a three-tiered, holistic approach to security. GuidePoint has over 1,200 employees and serves more than 6,200 customers.
Design, build, and maintain SOX control automation that reduces manual work for IT and control owners.
Build API-driven integrations across our SaaS and infrastructure stack – Okta, Google Workspace, GitHub, AWS, and Atlassian.
Extend our RBAC and access governance tooling, with a focus on automated provisioning, deprovisioning, and entitlement reviews.
Life360's mission is to keep people close to the ones they love with a range of services. Life360 has more than 500 (and growing!) remote-first employees and is a remote-first company.
Maintain and improve information security policies, standards, and procedures.
Support SOC 2, ISO 27001, and HITRUST readiness, audit preparation, and evidence collection.
Support vendor security reviews, third-party risk assessments, and remediation tracking.
Benepass is making benefits easy through its customizable fintech platform. They enable People teams to implement, administer, and track benefits that meet employees where they are. The company has raised approximately $75 million in equity capital and is backed by leading investors.
Manage and expand Valon's security and privacy compliance program across key frameworks and regulations.
Build and scale modern Security GRC capabilities that leverage AI-enabled tools and processes, reducing manual overhead while optimizing risk and compliance operations.
Maintain and evolve Valon's risk management practices; facilitate risk assessments across teams and track remediation of identified issues to closure.
Valon is building the AI-native operating system for regulated finance, starting with mortgage servicing. We're a Series C company backed by a16z, transforming industries that others have written off as too complex to innovate.
Drive compliance efforts to unlock business capabilities
Secure Owner by helping teams successfully prevent and remediate vulnerabilities
Help teams build better and more secure systems by avoiding pitfalls of risk.
Owner is an AI-native system local business owners use to succeed, starting with restaurants. It's building the system that replaces the many tools owners use to run their business and powers everything from the restaurant’s website, online ordering, CRM, POS, and more. The team is in the low hundreds.
Understand real security workflows across threat modeling, privacy, and vendor risk.
Integrate Clearly AI into those workflows alongside Jira, ServiceNow, Confluence, and GitHub.
Drive disciplined implementation from contract to production.
Clearly AI automates the most painful bottleneck in the enterprise: security and privacy reviews. We help security teams complete high-quality threat models, privacy impact assessments, and vendor risk evaluations in minutes instead of weeks. We are early and deeply technical, backed by Y Combinator and live with Fortune 500s and global brands.
Act as the primary point of contact for external auditors and lead the end-to-end execution of PCI DSS audits.
Orchestrate and lead the quarterly and semi-annual user access review process across all critical systems.
Execute and maintain a comprehensive, year-round Security Awareness Training program.
Subsplash builds The Ultimate Engagement Platform™ for churches, Christian ministries, non-profits, and businesses around the world. They are an award-winning team of 280+ mission-driven people who are committed to humility, innovation, and excellence.
Own end-to-end execution of Lumin’s external audit and assessment portfolio.
Design, mature, and lead a scalable, risk-based internal technical audit program.
Lead the identification, evaluation, and adoption of AI and automation capabilities across the assurance lifecycle.
Lumin Digital empowers credit unions and banks by creating cutting-edge digital experiences that continuously serve, engage, and grow their membership base. They are 100% cloud-native and thrive on curiosity and innovation, fostering trust, respect, and boldness.
Build detections and security signal pipelines in Datadog.
Serve as the subject matter expert on AWS Cloud and on-prem infrastructure security.
Act as the technical lead during security incidents, including investigation and remediation.
Voltus is the leading platform connecting distributed energy resources to electricity markets, delivering less expensive, more reliable, and more sustainable electricity. Our company appears to be a remote-first company, and values diversity and inclusion.
Lead cyber risk assessments and control reviews to identify gaps.
Act as a bridge between GRC and technical teams.
Own and maintain the Internal Control Framework.
Inetum is a global leader in IT services, dedicated to delivering innovative solutions to our clients. They are committed to fostering a dynamic and inclusive work environment that values diversity, where creativity and collaboration can thrive. Present in 19 countries with more than 28,000 employees worldwide.
Provide security automation and application development expertise.
Assist in detection and alerting through various security tools.
Evaluate new technologies and processes that enhance security capabilities.
Ivanti manages, automates, and protects data and technology to empower continuous innovation. Their AI-powered platform brings IT and Security teams together around a single, trusted system of record enabling smarter decisions. They serve 34,000 customers across 149 countries.
Smartsheet helps people and teams achieve their goals with seamless work management and scalable solutions. They empower teams to automate tasks, uncover insights, and scale smarter, fostering a culture of innovation and impact with a focus on challenge and purpose.
Execute on milestones for end-to-end SecOps & Threat initiatives in accordance with the Security roadmap.
Identify and respond to complex security incidents, including system compromise, intrusion attempts, and/or denial of service attacks by conducting continuous monitoring, vulnerability assessments, and log analysis.
Research emerging threats, publicly disclosed vulnerabilities or attack vectors, and proactively push mitigating controls to products and services.
6sense's mission is to multiply what matters: growth, retention, and efficiency. They envision a future where companies, teams and people reach their full potential. People are the heart and soul of the company with a growth mindset culture that is represented in all that they do.
Serve as a member of Sword's GRC team, contributing to security compliance across all products and services.
Define and maintain the CMMC assessment boundary, working across infrastructure, engineering, and business teams to ensure the scope is accurate and defensible.
Translate identified gaps into prioritized remediation tasks with clear ownership, for audiences ranging from DevOps engineers to clinical operations managers.
Sword Health is building AI to heal billions and unlock humanity’s full potential. As both a clinical-centric frontier AI lab and an applied AI platform, Sword is reimagining how care is delivered at scale. They have over 700,000 members across three continents and have raised more than $500 million from leading investors.
Build the function by creating delivery operating model and reusable IP.
Deliver and scale service lines, including framework digitization and packaged services.
Own commercial outcomes by defining service packaging and pricing models.
Sprinto is an AI-native GRC platform that helps organizations manage risks, audits, vendor oversight, and continuous monitoring from a single connected platform. With a team of 350+ employees serving 3,000+ customers across 75+ countries, they combine scale with expertise to deliver trust and compliance.
Design, develop, and implement cloud security architecture solutions in Microsoft Azure.
Build and maintain security automation using Infrastructure as Code (IaC) tools.
Collaborate with development teams to embed security into CI/CD pipelines.
Hanger, Inc. is the world's premier provider of orthotic and prosthetic (O&P) services and products, offering advanced O&P solutions. With 160 years of excellence, Hanger employs many to help people achieve new levels of mobility and freedom.
Lead security strategy across infrastructure, cloud systems, and enterprise applications.
Drive SOC 2, ISO 27001, and ISO 42001 readiness/certifications.
Own vulnerability management, threat monitoring, and incident response workflows.
SaaS Talent is a recruiting company, and a hiring, business development and growth partner with 20+ years of experience in SaaS and Hi-Tech that helps you scale and transform your business. They've worked with 100+ companies and helped them achieve their goals.