Global 18w maternity 16w paternity

  • Serve as a primary compliance resource embedded in the Alma-to-Spring Health integration, mapping control environments and building a unified compliance organization.
  • Own and lead enterprise-level compliance programs including SOC 2 Type II, HITRUST, HIPAA, GDPR, ISO 27001, ISO 42001, and ITGC-SOX.
  • Develop and operationalize Spring Health's AI governance program, including policies, risk frameworks, and AI-specific compliance documentation.

GRC SOC 2 HIPAA AI Governance

18 jobs similar to Senior Compliance Specialist II

Jobs ranked by similarity.

US Unlimited PTO

  • Serve as a senior security and compliance advisor for clients in finance, VC, PE, and biotech, translating complex requirements into practical action plans.
  • Lead consultative conversations on governance, risk, controls, AI adoption, and audit readiness, delivering clear executive-level recommendations.
  • Build and refine Outpost's service delivery playbooks, templates, and documentation to scale the offering and improve client experience.

Pliancy is fundamentally changing how businesses value technology, specializing in IT support for life sciences, capital management, and startups. With a people-first culture, the company prioritizes curiosity and empathy, investing in long-term employee success.

US

  • Design and implement a comprehensive GRC framework addressing both traditional security controls and novel AI safety considerations.
  • Lead engagements with external auditors to obtain critical security certifications like SOC 2, ISO 27001/27701/42001, and FedRAMP.
  • Partner with AI research teams to develop and implement appropriate safeguards and controls for machine learning systems.

Runway builds AI to simulate the world through merging art and science, focusing on world models for progress in artificial intelligence. Our team consists of creative, open-minded, caring, and ambitious people determined to change the world, striving to continuously build impossible things.

$4,750–$6,250/mo
Poland

  • Lead and maintain the IT Compliance Program, ensuring alignment with industry best practices and regulatory requirements.
  • Stay abreast of relevant laws, regulations, and industry standards (e.g., GDPR, ISO 27001, NIS2, SOC 2, ...).
  • Serve as a main point of contact for senior management and stakeholders on regulatory and IT compliance matters.

EcoVadis is the leading provider of business sustainability ratings, offering solutions backed by experts and technology. They analyze data to provide companies with insights into their environmental, social, and ethical risks, fostering a culture of global sustainability change.

US

  • Manage security compliance programs against frameworks like PCI-DSS, NIST, and SOC 1/2, leveraging automation tools for continuous assessment.
  • Oversee identity and access management, including automated provisioning audits and anomaly detection.
  • Collaborate with engineering, DevOps, and product teams to integrate compliance into CI/CD and cloud infrastructure.

Prosper is a FinTech company focused on improving financial well-being. It is a growing company with a collaborative culture and offers resources for professional growth and holistic well-being.

Canada Europe Unlimited PTO

  • Support active and upcoming audits including ISO 27001, SOC 2, PCI DSS, and HIPAA by coordinating evidence and working with control owners.
  • Conduct risk assessments, update risk registers, track remediation, and perform third-party risk management reviews.
  • Respond to customer and prospect security/compliance questions and improve repeatable processes and evidence quality.

Upsun is the cloud application platform for hybrid teams, enabling developers to build, ship, and scale confidently without managing backend infrastructure. The company has a remote, global workforce and fosters a multicultural, open, and inclusive culture with a focus on open source and innovation.

US Canada

  • You'll partner directly with the Senior Manager of GRC to lead our commercial audit programs, from evidence collection and control testing to deep technical walkthroughs with external auditors and internal SMEs.
  • You'll own the question of what "good evidence" looks like across SOC 2 Type II, ISO 27001/27017/27018, and ISO 27701, and you'll know where to find it in the systems that generate it.
  • Help build the AI-assisted workflows and automation that make our audit programs more efficient and our compliance posture more continuous.

1Password is building the foundation for a safe, productive digital future. They ensure every identity is authentic, every application sign-in is secure, and every device is trusted. Over 180,000 businesses trust 1Password. They prioritize collaboration, clear and transparent communication, and receptiveness to feedback.

Europe 5w PTO

  • Own and drive the compliance roadmap across multiple frameworks like ISO 27001, TISAX, SOC 2, and GDPR.
  • Implement ISO 27001 and adjacent frameworks end-to-end for customers, ensuring successful audits.
  • Mentor the compliance team, conduct internal audits, and act as the senior compliance voice for customers, auditors, and product.

Secfix automates security compliance for companies, helping them achieve ISO 27001, GDPR, TISAX, and SOC 2 quickly. They are a high-performing 100% remote team with hubs in Germany and the UK, backed by top VCs.

India Unlimited PTO

  • Build the function by creating a delivery operating model and reusable IP.
  • Deliver and scale service lines, including framework digitization and packaged services.
  • Own commercial outcomes by defining service packaging and pricing models.

Sprinto is an AI-native GRC platform that helps organizations manage risks, audits, vendor oversight, and continuous monitoring from a single connected platform. With a team of 350+ employees serving 3,000+ customers across 75+ countries, they combine scale with expertise to deliver trust and compliance.

4w PTO 12w maternity

  • Diagnose, prioritize, and drive security program maturity.
  • Translate security requirements into engineering practice.
  • Own the compliance surface without losing sight of real risk.

Aledade helps independent primary care practices survive and thrive, aiming to bend the healthcare cost curve. They are the largest network of independent primary care in the country.

Eastern US

  • Focus on developing and delivering compliance solutions and strategies for Commercial, Defense Industrial Base, and State/Local customers.
  • Conduct compliance audits, assessments, and gap analyses to identify areas for improvement.
  • Author policies, plans, and procedures in CJIS and FedRAMP environments while serving as a trusted advisor to customers.

Planet Technologies is the leading provider of Microsoft consulting services to public sector and commercial organizations, specializing in building custom solutions that transform business operations. They are a growing team with collaborative peers and caring leaders, focused on high-profile client projects.

US

  • Manage IT audit and assurance engagements, including SOC 1, SOC 2, SOC 3, SOC for Cybersecurity, HITRUST, HIPAA, and other compliance assessments.
  • Collaborate with senior team members and Partners on risk assessments, audit planning, and reporting.
  • Lead day-to-day engagement activities, providing guidance, oversight, and feedback to staff and seniors.

Insight Assurance is a global audit firm transforming how organizations achieve cybersecurity and compliance. Founded by former Big 4 (EY) professionals, they are one of the fastest-growing global audit firms with 170+ professionals supporting nearly 2,000 clients across the Americas, EMEA, and APAC.

US

  • Serve as senior cybersecurity authority advising on complex authorization scenarios and ensuring compliance with federal policy.
  • Lead the AI and automation workstream, identifying high-value use cases and piloting process improvements.
  • Mentor junior team members and coordinate with cross-functional teams to integrate AI and automation into workflows.

Kentro is a technology solutions company that supports federal missions with innovative IT services. The company holds ISO certifications and CMMI ratings, provides competitive benefits, and invests in professional development.

US

  • Provide strategic leadership for a comprehensive compliance and ethics program, ensuring adherence to healthcare regulations including HIPAA, Stark Law, and Anti-Kickback Statute.
  • Develop and implement policies promoting ethical conduct; lead risk assessments, audits, and investigations to strengthen compliance controls.
  • Advise executive leadership and the Board on compliance trends and regulatory developments; direct compliance education programs.

PT Solutions is a rehabilitation provider expanding access to quality care through physical therapy, occupational therapy, speech-language pathology, and athletic training. They offer industry-leading professional development and are a tight-knit community united in their mission.

US Unlimited PTO

  • Own the design, implementation, and continuous improvement of the enterprise-wide compliance and AML program.
  • Monitor federal and state regulatory developments, assess business impact, and implement controls to mitigate emerging risks.
  • Manage bank partner relationships, lead audits, and mentor a high-performing compliance team.

LeafLink is the largest unified B2B cannabis platform, providing licensed cannabis businesses a suite of tools to manage operations, sell or order from brands, and accelerate growth. Backed by leading venture capital firms, the company processes over $5 billion in wholesale cannabis orders annually and has been recognized as one of America's fastest-growing private companies.

US

  • Designs and implements compliance risk management strategies and governance structures.
  • Oversees internal controls, reporting, and regulatory compliance across the enterprise.
  • Manages a team of employees, providing direction, leadership, and performance management.

Fulton Bank is a financial services company focused on compliance and risk management. With a culture of continuous learning and inclusion, they employ a team dedicated to making a positive impact in local communities.

Global

  • Translate group security frameworks into practical policies, controls, and procedures.
  • Build and strengthen a Security-by-Design culture across projects, platforms, and teams.
  • Support teams in identifying risks, defining actions, and tracking real progress.

Q8 is a well-respected, reliable, and trustworthy energy supplier that has been operating since 1983, with nearly 5,000 service stations in Europe. They are committed to developing a wide range of innovative and sustainable products and services. Their culture is focused on growing together in a digital and inspiring environment of trust, focused on continuous learning.

US

  • Manage ISACA's credentialing program policies and ensure compliance with ISO/IEC 17024:2026 standard.
  • Design and implement controls to mitigate risks associated with exam IP and certification fraud.
  • Oversee credentialing policy-driven activities and collaborate with internal teams to maintain exam integrity.

ISACA champions the global workforce advancing trust in technology. For more than 55 years, ISACA has empowered its community of 195,000+ members with knowledge, credentials, training and network.

UK 5w PTO

  • Lead the design and evolution of Avalere Health's enterprise AI governance framework to ensure responsible AI deployment.
  • Establish scalable governance standards that balance innovation, risk management, and business value.
  • Translate global AI regulatory developments into clear, actionable guidance for business and delivery teams.

Avalere Health is a healthcare advisory, medical, and marketing company focused on reaching every patient possible. They have a global team with a flexible, inclusive culture, including six Employee Network Groups for diversity.