Support CapIntel’s Governance, Risk, and Compliance program
Manage third-party risk and customer security reviews
Support operational security, privacy, and security awareness initiatives
CapIntel is a software platform built for wealth management enterprises to help financial advisors explain complex investment strategies to their clients. Since launching in 2019, CapIntel has seen rapid adoption and industry recognition, earning top placements in Deloitte’s Technology Fast 50 Canada and Fast 500 North America in 2025, ranking us among the fastest-growing technology companies.
Build the function, create a delivery operating model, and build reusable IP.
Deliver and scale service lines, and own commercial outcomes.
Create “AI-assisted playbooks” for repeatable services and ensure quality and manage risk.
Sprinto is an AI-native GRC platform that helps organizations manage risks, audits, vendor oversight, and continuous monitoring from a single connected platform. With a team of 350+ employees serving 3,000+ customers across 75+ countries, Sprinto combines scale with expertise to deliver trust and compliance.
Support security and compliance programs aligned with frameworks such as NIST, ISO, PCI DSS, and HIPAA.
Assist in maintaining alignment with global privacy regulations (GDPR, CCPA, and similar frameworks).
Assist in the development, implementation, and maintenance of security, privacy, and AI governance policies, standards, and procedures.
Hims & Hers is a health and wellness platform with a mission to help the world feel great through the power of better health. They are redefining healthcare by putting the customer first and delivering access to care that is affordable, accessible, and personal.
Lead enterprise risk assessments across various organizational exposures.
Facilitate risk identification workshops with senior leadership.
Design or mature ERM frameworks, drawing on standards like COSO ERM, ISO 31000, and NIST RMF.
Artemis Connection is a strategic management consultancy working across various sectors, helping clients identify pressing strategic issues and deliver impact through customized, project-based approaches. Their GRC practice assists organizations in navigating complex regulatory environments and building effective risk frameworks.
Lead end-to-end audit execution across SOC 2, ISO 27001, ISO 42001, ISO 27701, HIPAA, and GDPR and maintain year-round audit readiness.
Build and mature Atlan's risk management program and turn abstract risk conversations into measurable metrics with clear ownership and quarterly leadership reviews.
Integrate our GRC platform with cloud infrastructure, CI/CD pipelines, HR systems, and product engineering tooling to automate evidence collection and continuous control testing.
Atlan is building the missing context layer for data and AI, helping enterprises close the AI value chasm and finally move AI pilots into production. We are backed by world-class investors including GIC, Insight Partners, Meritech, Peak XV, and Salesforce Ventures and trusted by global enterprises like Mastercard, Workday, General Motors, Unilever and others.
Accelerate Onebrief’s execution of GRC programs supporting NIST RMF, FedRAMP High, CMMC, and SOC2 authorizations
Develop and manage integrated project plans for control implementation, remediation, and continuous monitoring
Coordinate cross-functional teams (Infrastructure, Engineering, Product) to ensure timely delivery of compliance requirements
Onebrief provides collaboration and AI-powered workflow software designed specifically for military staffs, aiming to make them faster, smarter, and more efficient. Valued at $2.15B, the company has raised $320m+ from top-tier investors and operates as an all-remote company.
Ownership of our SOC 2 and Privacy compliance roadmap, from problem framing to tracking adoption.
Gap analysis and consulting with clients to assess their InfoSec posture and provide actionable paths to certification.
Internal playbook development, creating the checklists, policy templates, and controls that will be automated within our software.
Greenplaces helps companies navigate reporting requirements. They empower businesses to measure their carbon emissions and act as the definitive source of truth for all sustainability and compliance activity. They are headquartered in Raleigh, NC, with a distributed team across the country and backed by world-class investors.
Develop a deep knowledge of our product, and help customers through the implementation lifecycle from kickoff, through design and user acceptance testing
Able to gather and interpret customer requirements and configure the Optro solution to meet their needs
Serve as a project manager for small, medium, and large Optro implementation projects
Optro is the leading audit, risk, ESG, and InfoSec platform on the market, surpassing $300M ARR. They empower more than 50% of the Fortune 500 with award-winning technology and are recognized as one of the fastest-growing tech companies in North America.
Conduct ongoing risk reviews and maintain an up-to-date risk register.
Support risk assessments across critical business processes and systems.
Partner with stakeholders to develop and track risk mitigation plans through resolution.
Radicle Health offers human services software products to foster collaboration and innovation, aiding organizations in better serving communities. They believe technology is crucial for the human services sector's success, housing mission-driven products that support organizations in delivering essential services.
Provides strategic leadership and oversight in advancing governance excellence.
Strengthens membership and board effectiveness through the development and implementation of governance standards, training, and best practices.
Works closely with the VP of National Governance, Executive Leadership Team, and Board Chairs to ensure strong alignment between governance structures.
Planned Parenthood is the nation’s leading provider and advocate of high-quality, affordable sexual and reproductive health care for all people, as well as the nation’s largest provider of sex education. Planned Parenthood organizations serve all people with care and compassion, with respect, and without judgment, striving to create equitable access to health care.
Maintain documentation for ISO/IEC 27001 & ISO/IEC 42001; improve activities.
Extract security requirements from client MSAs; identify gaps and risks.
Coordinate internal and client audit requests; collect evidence.
Avalere Health's mission is to ensure every patient is identified, treated, supported, and cared for. They bring Advisory, Medical, and Marketing teams together to forge unconventional connections, building a future where healthcare is not a barrier and no patient is left behind.
Serve as a trusted advisor to senior government executives addressing operational and organizational challenges.
Lead strategic assessments across operations and governance, synthesizing insights into executive narratives.
Define executive KPIs, translate data into actionable insights, leveraging AI to uncover optimization opportunities.
Accela delivers government software, helping to improve efficiency and increase citizen engagement. They provide a cloud-based platform of government software solutions that accelerate growth, efficiency, and transparency in communities of all sizes.
Own our security and compliance documentation, keeping it accurate and up to date.
Support our commercial teams in complex information security and compliance negotiations.
Take ownership of maintaining our current ISO 27001 compliance and certification.
Gearset is trusted by some of the largest companies in the world to handle their Salesforce DevOps. They are committed to protecting data through a modern approach to security and compliance.
Implement and manage the NIST Risk Management Framework (RMF) to achieve and maintain compliance.
Drive the data privacy program by conducting Privacy Impact Assessments (PIAs) and Data Protection Impact Assessments (DPIAs).
Design and execute a continuous internal audit program to validate the effectiveness of controls.
IonQ delivers solutions to solve the world’s most complex problems with quantum computing. IonQ's newest generation quantum computers, IonQ Tempo and IonQ Forte Enterprise, help customers and partners such as Amazon Web Services, AstraZeneca, and NVIDIA achieve 20x performance results.
Mature and execute the enterprise risk management framework.
Lead day-to-day execution of Akoya’s cybersecurity program.
Oversee corporate IT governance in partnership with the IT Systems Administrator.
Akoya is building a secure API-driven open finance network. They value diverse experiences and encourage everyone to apply, especially those who will bring something new to the table.
Conduct structured interviews with partner organizations, operational teams, and technical stakeholders.
Document end‑to‑end operational workflows and surface implicit, non‑documented practices.
Identify workflow fragility zones, handoff risks, and transition‑period vulnerabilities.
Element serves as a partner at the intersection of innovation and our clients' needs, efficiently crafting meaningful user experiences for government and commercial customers. Our talented professionals bring unparalleled energy engagement, setting a higher standard for impactful work.
Vendor and contractor risk assessment process during onboarding, adhering to a defined Service Level Agreement (SLA).
Conduct annual vendor monitoring and re-assessment processes for existing vendors.
Maintain the vendor inventory and collaborate with vendors on an ongoing basis to reduce identified risks.
Juniper Square's mission is to unlock the full potential of private markets by digitizing them and bringing efficiency, transparency, and access. They have a values-driven organization that offers employees a variety of ways to work, ranging from a fully remote experience to working full-time in one of their physical offices.