Lead and support customer security audits and respond to security questionnaires. Prepare, coordinate, and manage ISO 27001 audits. Ensure ongoing compliance with HIPAA, NIST CSF, and other regulatory requirements.
20 jobs similar to Senior Security Compliance Analyst
Jobs ranked by similarity.
- Lead and mature LiveKit’s security and privacy compliance programs.
- Own the day-to-day operations of compliance workflows.
- Partner closely with Security and IT Engineers on controls design, documentation, governance, and audits.
LiveKit is revolutionizing the AI landscape by providing the network infrastructure that powers multimodal AI interfaces.
As a Compliance and Risk Specialist, you will support the Compliance and Risk team by leading compliance initiatives. You will conduct risk assessments and remediation activities. You will contribute to the development of security strategies for systems deployed globally.
Canadian Bank Note Company (CBN) is a trusted leader in secure technology solutions for governments and businesses worldwide.
As an Information Security Officer at Form3, you'll play a pivotal role in strengthening and evolving our information security governance, risk, and compliance practices. Work closely with teams across the organization to embed security into business and technology decisions. Combine strategic oversight with practical execution, ensuring our controls, frameworks, and awareness initiatives remain industry leading as we scale globally.
Form3 is a company that offers a cloud-native, environment while helping define how security scales with the business.
The Sr. Manager, Governance Risk and Compliance (GRC) is responsible for overseeing Included Health's regulatory compliance, risk management, and governance programs. This includes ensuring compliance with healthcare regulations (HIPAA, HITECH, SOC 2) and building a robust GRC framework to protect PHI. This role is a crucial part of the Governance, Risk & Compliance team, reporting directly to the Chief Information Security Officer.
Included Health is a new kind of healthcare company, delivering integrated virtual care and navigation, aiming to raise the standard of healthcare for everyone.
- Drive the implementation of technical controls and evidence gathering in collaboration with engineering for compliance standards.
- Manage the daily operational reality of audits, customer questionnaires, and internal IT/Security support requests.
- Rapidly prototype and ship internal tools, custom Vanta integrations, and scripts using AI-assisted development to close automation gaps.
Sayari is a risk intelligence provider equipping public and private sectors with visibility into complex commercial relationships. They deliver corporate and trade data from over 250 jurisdictions and are headquartered in Washington, D.C. They were also featured as one of Inc.’s “Best Workplaces” for 2025.
- Support the audit and assurance teams in performing ISO 27001 certification assessments and related information security audits.
- Assist in audit planning, evidence review, report preparation, and overall quality assurance.
- Handle client ingestion and onboarding activities, perform HubSpot data scrubbing and updates, and register new engagements in Asana and coordinate Insight ONE transfers.
Insight Assurance is a global audit firm on a mission to transform how organizations achieve cybersecurity and compliance.
- Lead the Cybersecurity Policy Program by overseeing the policy portfolio and identifying opportunities to enhance policy coverage.
- Review submissions, supervise evaluations, and provide contract input within the third-party risk assessment process.
- Support continuous compliance with PCI DSS and periodic user access recertification for critical systems and applications.
The New York Times is committed to being the world’s best source of independent, reliable and quality journalism that seeks the truth.
Perform security audits based on published standards such as PCI, HIPAA, and NIST. Identify security weaknesses and gaps in compliance. Develop mitigation strategies for keeping our clients safe.
Strata Information Group (SIG) solves problems and has been a trusted partner to over 1,000 higher education institutions globally since its inception in 1988.
- Use security and compliance tools (GRC tools) to help the company stay audit-ready
- Manage IT assets and access permissions for team members and internal systems
- Support daily security operations related to ISO 27001 / SOC 2
Hopae is building the world’s most trusted digital identity platform — private, secure, and built for real life. Backed by top global investors, Hopae operates across Seoul, Paris, and San Francisco, bringing together exceptional talent from over 10 nationalities.
- Oversee and manage all aspects of regulatory compliance within our organization.
- Develop and implement compliance policies and procedures, conduct audits and assessments, provide guidance to employees, and serve as a liaison with regulatory agencies.
- Ensure that our company operates in accordance with all relevant laws, regulations, and industry standards.
Truelogic is a leading provider of nearshore staff augmentation services headquartered in New York. Their team of 600+ highly skilled tech professionals, based in Latin America, drives digital disruption by partnering with U.S. companies on their most impactful projects.
Deliver successful consulting engagements across multiple Risk offerings while maintaining a high degree of customer satisfaction. Perform qualitative and quantitative risk assessments using industry-recognized frameworks. Provide advisory services to GuidePoint customers to help mature their cyber risk management and information security programs.
GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions and minimize risk.
- Perform IT audit engagements (ISO27001) and readiness assessments.
- Evaluate the design and effectiveness of technology controls.
- Communicate IT audit findings to management and identify performance improvement opportunities.
Insight Assurance is a global audit firm on a mission to transform how organizations achieve cybersecurity and compliance.
Maintain and improve documentation for ISO 9001 and ISO/IEC 27001. Support internal audits, track findings, and monitor corrective and preventive actions. Collaborate with cross-functional teams to enhance quality, security, and operational excellence.
Miratech is a global IT services and consulting company that brings together enterprise and start-up innovation to support digital transformation.
Responsible for operating, supporting, and developing the ISO Practice with a high level of quality, productivity, and satisfaction for both clients and employees. Oversees the delivery of ISO certification services, ensures compliance with accreditation requirements. Leads the development of the audit team to drive efficiency, profitability, and growth within the practice.
Insight Assurance is a global audit firm on a mission to transform how organizations achieve cybersecurity and compliance.
Provide guidance to ensure project compliance to the United States Government Baseline (USGCB) for IT Security. Provide technical expertise of computer security laws, mandates, standards and policies in accordance with the Federal Information Security Management Act (FISMA). Represent the project in internal and external meetings, working groups, and integrated project teams to provide IT security compliance requirements.
DecisionPoint Corporation is seeking an Information Security Analyst to join our team!
- Comprehend a client's compliance/risk/InfoSec environment and convey a high-value proposition.
- Facilitate product demonstrations and answer product questions.
- Consult clients on industry best practices as they learn about AuditBoard.
AuditBoard is the leading audit, risk, ESG, and InfoSec platform on the market, with more than 50% of the Fortune 500 leveraging their technology.
The Security Manager will support the InfoSec team to deliver its objectives. Ensure compliance with relevant security standards, service management procedures, regulations, and industry best practices. Produce the security assurance documentation required for the accreditation of our customers, together with the Security Architects.
NEC Software Solutions helps dispatch ambulances, support families, keep trains on the move, locate missing people and even test the hearing of newborn babies.
Plan and schedule remote security assessments for new and existing third-party relationships/engagements. Communicate Experian's third party risk management/security due diligence requirements to internal and external stakeholders. Identify information security deficiencies or risks at third parties and communicate with all stakeholders to obtain action plans, due dates, and documentation to evidence remediation of identified security risks/gaps.
Experian is a global data and technology company, powering opportunities for people and businesses around the world.
- Serve as a trusted Domain Expert/SME for client projects.
- Provide high-level strategic guidance.
- Share institutional knowledge and validate high-stakes GRC strategies.
REDE Consulting is a dynamic technology firm specializing in GRC (Governance, Risk, and Compliance) solutions across the finance and insurance sectors.
- Lead and mentor the app security team, fostering a culture of security awareness and continuous improvement across the organization.
- Oversee the day-to-day security operations, including monitoring, threat detection, incident response, and vulnerability management.
- Maintain an application security risk management framework, identifying, analyzing, and treating risks.
TrueML is a mission-driven financial software company that aims to create better customer experiences for distressed borrowers. The TrueML team includes inspired data scientists, financial services industry experts, and customer experience fanatics who are building technology to serve people in a way that recognizes their unique needs and preferences as human beings and endeavors to ensure nobody gets locked out of the financial system.