Source Job

US

  • Own and manage the compliance program including SOC 2 and ISO 27001 readiness and audits.
  • Lead risk assessments, control testing, and enterprise risk management processes.
  • Partner with Engineering, Security, Product, Legal, HR, and Operations to embed compliance into business processes.

Compliance, Risk Management, SOC 2, ISO 27001, GRC

20 jobs similar to Senior Compliance and Risk Analyst

Jobs ranked by similarity.

Europe, 5w PTO

  • Own and drive the compliance roadmap across multiple frameworks like ISO 27001, TISAX, SOC 2, and GDPR.
  • Implement ISO 27001 and adjacent frameworks end-to-end for customers, ensuring successful audits.
  • Mentor the compliance team, conduct internal audits, and act as the senior compliance voice for customers, auditors, and product.

Secfix automates security compliance for companies, helping them achieve ISO 27001, GDPR, TISAX, and SOC 2 quickly. They are a high-performing 100% remote team with hubs in Germany and the UK, backed by top VCs.

Global, 18w maternity, 16w paternity

  • Serve as a primary compliance resource embedded in the Alma-to-Spring Health integration, mapping control environments and building a unified compliance organization.
  • Own and lead enterprise-level compliance programs including SOC 2 Type II, HITRUST, HIPAA, GDPR, ISO 27001, ISO 42001, and ITGC-SOX.
  • Develop and operationalize Spring Health's AI governance program, including policies, risk frameworks, and AI-specific compliance documentation.

Spring Health is a global mental health company on a mission to eliminate every barrier to mental health. With outcomes independently validated by JAMA Network Open, Spring Health reaches more than 170 million people worldwide through leading employers, health plans, and partners.

US, Unlimited PTO

  • Manage and support compliance certifications including SOC 2, HITRUST, and ISO 27001 audits across the audit lifecycle.
  • Serve as the subject matter expert across the company on compliance frameworks and primary point of contact for external auditors.
  • Maintain the risk register, drive risk identification and reporting, and scale GRC function with AI and automation.

Garner transforms the healthcare economy by partnering with employers to redesign healthcare benefits using data-driven insights. It is a fast-growing healthcare technology company with a mission-driven team focused on making healthcare more affordable and high-quality.

Canada, Europe, Unlimited PTO

  • Support active and upcoming audits including ISO 27001, SOC 2, PCI DSS, and HIPAA by coordinating evidence and working with control owners.
  • Conduct risk assessments, update risk registers, track remediation, and perform third-party risk management reviews.
  • Respond to customer and prospect security/compliance questions and improve repeatable processes and evidence quality.

Upsun is the cloud application platform for hybrid teams, enabling developers to build, ship, and scale confidently without managing backend infrastructure. The company has a remote, global workforce and fosters a multicultural, open, and inclusive culture with a focus on open source and innovation.

US

  • Monitor security alerts, vulnerabilities, and incidents across enterprise systems and assist in incident response.
  • Maintain compliance with standards such as NIST CSF, ISO 27001, and SOC 2 through audits and policy development.
  • Conduct security risk assessments, evaluate controls, and track remediation plans.

Mission Critical Group is an end-to-end power solutions and services provider that accelerates time-to-power for mission critical environments. With over 1.5 million square feet of U.S. manufacturing capacity, they support data centers, healthcare, and industrial facilities.

US, Unlimited PTO

  • Serve as a senior security and compliance advisor for clients in finance, VC, PE, and biotech, translating complex requirements into practical action plans.
  • Lead consultative conversations on governance, risk, controls, AI adoption, and audit readiness, delivering clear executive-level recommendations.
  • Build and refine Outpost's service delivery playbooks, templates, and documentation to scale the offering and improve client experience.

Pliancy is fundamentally changing how businesses value technology, specializing in IT support for life sciences, capital management, and startups. With a people-first culture, the company prioritizes curiosity and empathy, investing in long-term employee success.

US

  • Manage security compliance programs against frameworks like PCI-DSS, NIST, and SOC 1/2, leveraging automation tools for continuous assessment.
  • Oversee identity and access management, including automated provisioning audits and anomaly detection.
  • Collaborate with engineering, DevOps, and product teams to integrate compliance into CI/CD and cloud infrastructure.

Prosper is a FinTech company focused on improving financial well-being. It is a growing company with a collaborative culture and offers resources for professional growth and holistic well-being.

LATAM, Unlimited PTO

  • Execute SOC 1, SOC 2, SOC 3 examinations and other security audits.
  • Evaluate the design and effectiveness of technology controls and identify findings.
  • Supervise and provide performance management for IT audit staff.

Insight Assurance is a global audit firm on a mission to transform how organizations achieve cybersecurity and compliance. Founded by former Big 4 professionals, the firm is one of the fastest-growing global audit firms with 170+ professionals supporting nearly 2,000 clients.

US

  • Design and implement a comprehensive GRC framework addressing both traditional security controls and novel AI safety considerations.
  • Lead engagements with external auditors to obtain critical security certifications like SOC 2, ISO 27001/27701/42001, and FedRAMP.
  • Partner with AI research teams to develop and implement appropriate safeguards and controls for machine learning systems.

Runway builds AI to simulate the world through merging art and science, focusing on world models for progress in artificial intelligence. Our team consists of creative, open-minded, caring, and ambitious people determined to change the world, striving to continuously build impossible things.

Eastern US

  • Focus on developing and delivering compliance solutions and strategies for Commercial, Defense Industrial Base, and State/Local customers.
  • Conduct compliance audits, assessments, and gap analyses to identify areas for improvement.
  • Author policies, plans, and procedures in CJIS and FedRAMP environments while serving as a trusted advisor to customers.

Planet Technologies is the leading provider of Microsoft consulting services to public sector and commercial organizations, specializing in building custom solutions that transform business operations. They are a growing team with collaborative peers and caring leaders, focused on high-profile client projects.

US

  • Manage ISACA's credentialing program policies and ensure compliance with ISO/IEC 17024:2026 standard.
  • Design and implement controls to mitigate risks associated with exam IP and certification fraud.
  • Oversee credentialing policy-driven activities and collaborate with internal teams to maintain exam integrity.

ISACA champions the global workforce advancing trust in technology. For more than 55 years, ISACA has empowered its community of 195,000+ members with knowledge, credentials, training and network.

US, 4w PTO

  • Collaborate with cross-functional teams to apply cybersecurity best practices across systems, applications, and cloud environments.
  • Lead portions of cybersecurity assessments across the technology stack, identifying vulnerabilities and recommending remediation strategies.
  • Assist in shaping cybersecurity risk management activities, helping prioritize and guide security initiatives to protect critical assets.

Rise8 builds custom, secure software for government organizations, measuring success by impact: lives saved, time returned, and missions advanced. Certified as a Great Place to Work® with 100% of employees saying they love working here, Rise8 offers a culture rooted in kindness, candor, and continuous learning.

Canada

  • Execute Risk & Compliance initiatives, manage privacy and security projects, and ensure alignment with organizational goals.
  • Identify and mitigate operational, IT, and data privacy risks by partnering with cross-functional teams.
  • Build and improve compliance frameworks, policies, and procedures aligned with regulations like PIPEDA, COPPA, and GDPR.

BIS Safety Software is a SaaS company that helps organizations manage safety, learning, and compliance through innovative software solutions. Founded in 2006, the company is headquartered in Sherwood Park, Alberta, and offers an Employee Stock Ownership Plan (ESOP) with a culture emphasizing humility and contribution over hierarchy.

US

  • Manage a team of compliance professionals or third-party providers to ensure proper Compliance program execution and performance management.
  • Provide compliance advisory services and guidance for regulatory change, product change, and business-as-usual operations across multiple domains.
  • Recruit, hire, and develop employees while ensuring adherence to consistent standards for communication, documentation, and reporting.

Fulton Bank is a financial institution committed to making a positive impact in local communities and championing a culture of continuous learning and inclusion. The company promotes a digitally enabled work environment and values employee well-being.

Global, 3w PTO

  • Provide support on regulatory compliance requirements and conduct gap assessments of business unit procedures against global policies.
  • Collaborate with Legal, Information Security, and business teams to manage compliance risks and support regulatory exams.
  • Maintain an understanding of business processes, products, and services while participating in exams as a subject matter expert.

Experian is a global data and technology company operating across financial services, healthcare, automotive, and more. With 25,200 employees across 32 countries, they have an award-winning, inclusive, and purpose-driven culture.

US

  • Provide quality customer service and monitor compliance mailbox for client requests.
  • Prepare written responses to security inquiries and handle due diligence questionnaires.
  • Support audit activities and coordinate with departments on policy development and remediation.

TierPoint provides information security and compliance solutions. The company fosters a collaborative, team-oriented culture with a focus on confidentiality and accuracy.

  • Owns product, cloud, engineering, vendor, AI-tooling, and compliance security functions.
  • Builds practical guardrails for AI tools, agents, MCPs, data leakage, and automation.
  • Understands OWASP, IAM, secrets, cloud security, vulnerability management, CI/CD, incident response, and frameworks like SOC 2, ISO 27001, GDPR, or HIPAA.

PlayPower Labs is a company focused on building practical security functions without slowing down teams. The organization values security sharpness, usefulness, and a product-minded approach, with a culture that balances protection and agility.

Canada, 4w PTO

  • Serve as primary IT contact, handling hardware/software support, account management, and remote troubleshooting for a remote-first team.
  • Assist with compliance evidence collection and control testing for SOC 2, GDPR, and PCI obligations.
  • Maintain accurate audit-ready records, asset inventory, and documentation while supporting off-hours maintenance and small projects.

Velora unifies Aplos, Raisely, and Keela to help nonprofits thrive with fundraising, donor management, and financial tracking. We serve over 15,000 nonprofits globally and operate as a remote-first team with a mission to make nonprofit work easier and more impactful.

US, Unlimited PTO

  • Own the design, implementation, and continuous improvement of the enterprise-wide compliance and AML program.
  • Monitor federal and state regulatory developments, assess business impact, and implement controls to mitigate emerging risks.
  • Manage bank partner relationships, lead audits, and mentor a high-performing compliance team.

LeafLink is the largest unified B2B cannabis platform, providing licensed cannabis businesses a suite of tools to manage operations, sell or order from brands, and accelerate growth. Backed by leading venture capital firms, the company processes over $5 billion in wholesale cannabis orders annually and has been recognized as one of America's fastest-growing private companies.

US, 18w maternity, 18w paternity

  • Act as a strategic legal advisor to executive leadership, proactively identifying risks and opportunities to support high-impact decisions.
  • Build and execute scalable compliance programs covering data privacy, trade compliance, AI governance, and ethics across a rapidly scaling company.
  • Lead and develop the in-house legal team, implementing scalable processes and metrics-driven practices to accelerate deals and reduce risk.

UpGuard builds the Cyber Risk Posture Management (CRPM) platform that integrates security ratings, threat intel, and agentic AI to help organizations manage cyber risk. With Series C funding and a global team of around 200–600 employees, UpGuard emphasizes autonomy and scaling world-class technology in a fully remote, collaborative culture.