Support and scale the Assurance & Compliance function through an engineering-driven, automation-first approach.
Partner with Engineering, Security, Legal, and other teams to support compliance programs and audit readiness.
Help transform compliance into a continuous, measurable capability embedded into operations.
Flock builds technology that reduces crime and protects privacy, partnering with cities, businesses, schools, and neighborhoods. With over $1B in funding and an $8.3B valuation, the company is a high-performance team united by urgency, ownership, and a shared commitment to meaningful impact.
Manage security compliance programs against frameworks like PCI-DSS, NIST, and SOC 1/2, leveraging automation tools for continuous assessment.
Oversee identity and access management, including automated provisioning audits and anomaly detection.
Collaborate with engineering, DevOps, and product teams to integrate compliance into CI/CD and cloud infrastructure.
Prosper is a FinTech company focused on improving financial well-being. It is a growing company with a collaborative culture and offers resources for professional growth and holistic well-being.
Manage and support compliance certifications including SOC 2, HITRUST, and ISO 27001 audits across the audit lifecycle.
Serve as the subject matter expert across the company on compliance frameworks and primary point of contact for external auditors.
Maintain the risk register, drive risk identification and reporting, and scale GRC function with AI and automation.
Garner transforms the healthcare economy by partnering with employers to redesign healthcare benefits using data-driven insights. It is a fast-growing healthcare technology company with a mission-driven team focused on making healthcare more affordable and high-quality.
Design and implement a comprehensive GRC framework addressing both traditional security controls and novel AI safety considerations.
Lead engagements with external auditors to obtain critical security certifications like SOC 2, ISO 27001/27701/42001, and FedRAMP.
Partner with AI research teams to develop and implement appropriate safeguards and controls for machine learning systems.
Runway builds AI to simulate the world through merging art and science, focusing on world models for progress in artificial intelligence. Our team consists of creative, open-minded, caring, and ambitious people determined to change the world, striving to continuously build impossible things.
Own and continuously mature the company risk register, designing AI-assisted workflows for real-time risk posture.
Lead external audit management (SOC 2 Type II) and automate evidence collection pipelines in Vanta.
Engineer the Trust and Assurance program for scale, including automated vendor risk intake and AI-assisted response generation.
ButterflyMX empowers people to open and manage doors & gates from a smartphone, with products installed in over 20,000 properties worldwide. As a distributed, primarily remote workforce, they seek intelligent, passionate, and collaborative individuals driven by shared commitment to excellence and innovation.
Lead control program maturity by designing an auditable framework fitting ezCater's SaaS, cloud, data, and engineering environment.
Build continuous control monitoring and automation by partnering with engineering teams to implement automated testing and evidence collection.
Expand data security policy and program quality by defining clear, enforceable policies tied to technical practices and operating cadences.
ezCater is the #1 food tech platform for workplaces in the US, making it easy for organizations to manage food needs and order from over 125,000 restaurants nationwide. The company values work/life harmony and offers a collaborative, innovative environment with passionate colleagues.
Partner with the CISO to drive security strategy, roadmap, and execution across application security, GRC, and operations.
Support compliance initiatives including PCI, SOC 2, ISO 27001, DORA, and FedRAMP readiness.
Serve as a trusted security leader in customer-facing settings, translating technical risks into business language.
Sardine is the leading agentic risk platform for fighting financial crime, integrating data across risk teams to stop fraud and automate AML operations. With over 6 billion profiled devices and 800 million consumers, we maintain a remote-first culture that values performance over hours worked.
Develop and maintain the enterprise IT GRC strategy, framework, and roadmap, presenting updates to executive leadership.
Lead enterprise IT risk assessments, maintain risk registers, and oversee remediation efforts.
Ensure compliance with regulations like NIST, ISO 27001, SOC, PCI-DSS, HIPAA, GDPR, and SOX.
Mission Critical Group is an end-to-end power solutions and services provider that accelerates time-to-power for mission critical environments. With over 1.5 million square feet of U.S. manufacturing capacity, the company supports data centers, healthcare, and industrial facilities where uptime is non-negotiable.
Lead a small, high-leverage team of senior and staff security engineers, setting technical direction and growing talent.
Partner with product and executives to deliver AI-first security capabilities and represent security to customers.
Turn compliance (ISO 27001, SOC 2) into continuous assurance, protecting customer trust.
Sysdig creates cloud security solutions, including the open standard Falco for threat detection, used by over 60% of the Fortune 500. Recognized as a Best Place to Work and one of Deloitte's fastest-growing companies for the past 5 years, they value diversity and open dialogue.
Support the ISO 27001 program by maintaining audit readiness, running evidence collection, and managing access reviews.
Perform recurring security operations including vulnerability scanning, risk assessments, and vendor reviews.
Collaborate cross-functionally to harden identity and access management, respond to security questionnaires, and support AI governance initiatives.
Didomi is a consent management platform that helps companies manage user consent and data privacy. The company is a growing SaaS organization with a collaborative culture, emphasizing automation and efficiency.
Lead end-to-end third-party audits, evidence collection, and compliance onboarding for new products and features.
Partner with cross-functional teams to design and validate internal controls across SOX, SOC, HIPAA, and PCI frameworks.
Drive continuous improvement by standardizing processes, reducing manual effort, and collaborating on automated compliance monitoring.
Jobgether uses AI-powered matching to streamline job applications. They are a company focused on connecting candidates with hiring employers through automated shortlisting, with a transparent and flexible work culture.
Own and manage the compliance program including SOC 2 and ISO 27001 readiness and audits.
Lead risk assessments, control testing, and enterprise risk management processes.
Partner with Engineering, Security, Product, Legal, HR, and Operations to embed compliance into business processes.
Calendly is a scheduling platform used by millions to automate meetings and streamline time management. They are a rapidly growing SaaS company fostering a culture of learning and high performance.
Serve as a senior security and compliance advisor for clients in finance, VC, PE, and biotech, translating complex requirements into practical action plans.
Lead consultative conversations on governance, risk, controls, AI adoption, and audit readiness, delivering clear executive-level recommendations.
Build and refine Outpost's service delivery playbooks, templates, and documentation to scale the offering and improve client experience.
Pliancy is fundamentally changing how businesses value technology, specializing in IT support for life sciences, capital management, and startups. With a people-first culture, the company prioritizes curiosity and empathy, investing in long-term employee success.
Serve as a primary compliance resource embedded in the Alma-to-Spring Health integration, mapping control environments and building a unified compliance organization.
Own and lead enterprise-level compliance programs including SOC 2 Type II, HITRUST, HIPAA, GDPR, ISO 27001, ISO 42001, and ITGC-SOX.
Develop and operationalize Spring Health's AI governance program, including policies, risk frameworks, and AI-specific compliance documentation.
Spring Health is a global mental health company on a mission to eliminate every barrier to mental health. With outcomes independently validated by JAMA Network Open, Spring Health reaches more than 170 million people worldwide through leading employers, health plans, and partners.
Coalfire helps clients solve cybersecurity challenges through advisory, assessment, automation, and cloud security services. With offices across the US and UK, the company employs a team of thought leaders and consultants who are passionate problem-solvers.
Lead delivery of FedRAMP, CMMC, HITRUST, and NIST compliance engagements where federal authorization is on the line.
Build reusable IP like control-mapping libraries, SSP templates, and evidence-collection playbooks for complex frameworks.
Own pricing, margin, and utilization for specialized federal engagements, plus leverage AI to standardize deliverables.
Sprinto is an Autonomous Trust Platform that centralizes trust requirements across security frameworks, vendors, and customers. Backed by top-tier investors like Accel, Elevation, and Blume Ventures, we've raised $31.8M and are trusted by over 3,000 organizations across 75 countries, with a remote culture built on ownership and progress over perfection.
Owns product, cloud, engineering, vendor, AI-tooling, and compliance security functions.
Builds practical guardrails for AI tools, agents, MCPs, data leakage, and automation.
Understands OWASP, IAM, secrets, cloud security, vulnerability management, CI/CD, incident response, and frameworks like SOC 2, ISO 27001, GDPR, or HIPAA.
PlayPower Labs is a company focused on building practical security functions without slowing down teams. The organization values security sharpness, usefulness, and a product-minded approach, with a culture that balances protection and agility.
Own delivery for standard-framework GRC engagements including ISO 27001, SOC 2, GDPR, and PCI DSS.
Build and maintain reusable IP such as templates, control-mapping libraries, and AI-assisted playbooks.
Own commercial outcomes including pricing, utilization, margin, and delivery forecasting for your own engagement book.
Sprinto is an Autonomous Trust Platform that centralizes trust requirements across security frameworks, vendors, and customers. Backed by top-tier investors such as Accel, Elevation, and Blume Ventures, they have raised $31.8M in funding and are trusted by over 3,000 organizations across 75 countries, with a remote culture organized around problems rather than job titles.
Design and implement secure, scalable Azure cloud architectures including landing zones, hybrid environments, and migration from legacy systems.
Embed Zero Trust and security-by-design principles using Azure-native tools like Defender for Cloud, Sentinel, and Entra ID.
Act as Agile Product Owner for Azure infrastructure and security services, managing backlogs and roadmaps while ensuring compliance with regulatory frameworks.
Jobgether is an AI-powered job matching platform that connects candidates with hiring companies. They use a technology-driven process to review applications and share top-fitting candidates directly with employers.
Partner with engineering, product, and DevOps teams to integrate security practices throughout the SDLC, focusing on cloud-native environments and automated pipelines.
Design, implement, and maintain security tooling and gates within CI/CD pipelines covering SAST, DAST, SCA, secrets detection, and container scanning.
Lead threat modeling, conduct application security assessments including code review and manual penetration testing, and triage bug bounty reports.
Hyland is the pioneer of the Content Innovation Cloud, delivering ubiquitous enterprise intelligence to organizations. With a team of nearly 4,000 employees, the company fosters an employee-centric culture focused on community impact and innovation.