
US

  • Lead enterprise BC/DR program including strategy, governance, BIA, testing, and reporting to leadership.
  • Support risk assessments, policy exceptions, third-party resilience, and align with ERM and legal teams.
  • Drive continuous improvement of recovery capabilities, process automation, and regulatory compliance across IS frameworks.

Business Continuity Risk Assessment NIST

17 jobs similar to Senior Information Security GRC Specialist

Jobs ranked by similarity.

12w maternity 12w paternity

  • Manage and expand Valon's security and privacy compliance program across key frameworks and regulations.
  • Build and scale modern Security GRC capabilities that leverage AI-enabled tools and processes, reducing manual overhead while optimizing risk and compliance operations.
  • Maintain and evolve Valon's risk management practices; facilitate risk assessments across teams and track remediation of identified issues to closure.

Valon is building the AI-native operating system for regulated finance, starting with mortgage servicing. We're a Series C company backed by a16z, transforming industries that others have written off as too complex to innovate.

Canada

  • Lead the enterprise risk management function to identify, assess, and mitigate risks across the organization.
  • Develop and implement risk management strategies and frameworks that align with business objectives.
  • Collaborate with cross-functional teams to ensure risk considerations are integrated into decision-making processes.

Affirm is reinventing credit to make it more honest and friendly, giving consumers the flexibility to buy now and pay later without hidden fees or compounding interest. It is a remote-first company with a core value of "people come first", offering competitive benefits.

$104,000–$174,000/yr
US

  • Conducts risk assessments and internal/external partner reviews.
  • Develops and implements risk mitigation strategies.
  • Advises leadership on risk-related decisions.

Pathward is a financial empowerment company that collaborates with innovators to broaden financial availability, choice, and opportunity. They are dedicated to removing traditional barriers to financial access and fostering economic mobility, with a team of problem solvers who celebrate differences and value diverse perspectives.

$155,000–$225,000/yr
Global Unlimited PTO

  • Drive compliance efforts to unlock business capabilities.
  • Secure Owner by helping teams successfully prevent and remediate vulnerabilities.
  • Help teams build better and more secure systems by avoiding pitfalls of risk.

Owner is an AI-native system local business owners use to succeed, starting with restaurants. It's building the system that replaces the many tools owners use to run their business and powers everything from the restaurant’s website, online ordering, CRM, POS, and more. The team is in the low hundreds.

$3,780–$4,752/mo
Europe

  • Lead cyber risk assessments and control reviews to identify gaps.
  • Act as a bridge between GRC and technical teams.
  • Own and maintain the Internal Control Framework.

Inetum is a global leader in IT services, dedicated to delivering innovative solutions to its clients. They are committed to fostering a dynamic and inclusive work environment that values diversity, where creativity and collaboration can thrive. Present in 19 countries with more than 28,000 employees worldwide.

GRC Analyst

Mesh
US Unlimited PTO

  • Own and strengthen the controls environment, ensuring compliance requirements are effectively implemented and maintained.
  • Support and mature the GRC program, including SOC 2 operations and alignment with security frameworks such as NIST.
  • Build and maintain Business Continuity and Disaster Recovery programs, including BIAs, continuity plans, and recovery runbooks.

Mesh enables consumers to pay and be paid with any asset, bridging the gap between tokenized assets and everyday commerce. Backed by investors like PayPal Ventures and Paradigm, they are a high-growth company building the infrastructure for the global economy.

UK 5w PTO 26w maternity

  • Own our supplier management framework, deepening supply chain mapping, and monitoring supplier performance.
  • Design, coordinate and help to run supplier failure scenario tests across the business.
  • Support development of our first-line controls assurance programme.

Griffin is a fully regulated UK bank that powers the accounts and payments offerings of product-led fintechs and platforms. They have grown rapidly since their launch in 2024 and provide the banking backbone behind products in remittance, payroll, wealth, insurance, and more.

US

  • Partner with Security Engineering, Risk, Product, and Infrastructure teams to bake security and compliance into the process.
  • Dive deep into the security stack to identify execution blockers and actively architect the technical solutions to implement them.
  • Define the technical milestones for high-stakes initiatives like Zero Trust and IAM overhauls, translating a broad vision into a precise execution roadmap.

Human Interest aims to provide all workers access to retirement benefits. They are a high-growth fintech company that is financially backed by investors such as BlackRock, TPG, and SoftBank.

$130,000–$160,000/yr
US Canada Unlimited PTO

  • Maintain and improve information security policies, standards, and procedures.
  • Support SOC 2, ISO 27001, and HITRUST readiness, audit preparation, and evidence collection.
  • Support vendor security reviews, third-party risk assessments, and remediation tracking.

Benepass is making benefits easy through its customizable fintech platform. They enable People teams to implement, administer, and track benefits that meet employees where they are. The company has raised approximately $75 million in equity capital and is backed by leading investors.

$4,750–$6,250/mo
Poland

  • Lead and maintain the IT Compliance Program, ensuring alignment with industry best practices and regulatory requirements.
  • Stay abreast of relevant laws, regulations, and industry standards (e.g. GDPR, ISO 27001, NIS2, SOC 2, ...).
  • Serve as a main point of contact for senior management and stakeholders on regulatory and IT compliance matters.

EcoVadis is the leading provider of business sustainability ratings, offering solutions backed by experts and technology. They analyze data to provide companies with insights into their environmental, social, and ethical risks, fostering a culture of global sustainability change.

Global

  • Translate group security frameworks into practical policies, controls, and procedures.
  • Build and strengthen a Security-by-Design culture across projects, platforms, and teams.
  • Support teams in identifying risks, defining actions, and tracking real progress.

Q8 is a well-respected, reliable, and trustworthy energy supplier that has been operating since 1983, with nearly 5,000 service stations in Europe. They are committed to developing a wide range of innovative and sustainable products and services. Their culture is focused on growing together in a digital and inspiring environment of trust, focused on continuous learning.

Global

  • Lead the roadmap for global data center physical security programs including access control, surveillance, and intrusion detection.
  • Drive end-to-end program execution across design, procurement, and operations, managing dependencies with engineering and compliance.
  • Establish security standards and ensure compliance with ISO 27001, SOC 2, and NIST frameworks.

Vultr makes high-performance cloud infrastructure easy to use, affordable, and locally accessible for enterprises and AI innovators worldwide. Privately held with a $3.5 billion valuation and 33 global data centers, Vultr fosters a culture of commitment with generous benefits and career growth.

$95,000–$105,000/yr
US

  • Act as the primary point of contact for external auditors and lead the end-to-end execution of PCI DSS audits.
  • Orchestrate and lead the quarterly and semi-annual user access review process across all critical systems.
  • Execute and maintain a comprehensive, year-round Security Awareness Training program.

Subsplash builds The Ultimate Engagement Platform™ for churches, Christian ministries, non-profits, and businesses around the world. They are an award-winning team of 280+ mission-driven people who are committed to humility, innovation, and excellence.

US Canada

  • Design and implement automation, dashboards, and integrations that power our Governance, Risk, and Compliance (GRC) operations.
  • Operationalize and expand our GRC platform (Drata), building AI-assisted workflows that automate evidence collection, control monitoring, and vendor risk.
  • Manage project delivery across multiple GRC automation initiatives simultaneously — maintaining clear scope, milestones, and stakeholder visibility without sacrificing quality.

1Password is building the foundation for a safe, productive digital future. They innovated the market-leading enterprise password manager and pioneered Unified Access Management, a new cybersecurity category built for the way people and AI agents work today. 1Password has surpassed $400M in ARR and has over 180,000 businesses using their product.

India

  • Manage the lifecycle of information security policies, standards, and procedures, coordinating reviews and approvals.
  • Support security awareness initiatives, including training content and phishing simulation campaigns.
  • Develop governance metrics, dashboards, and reports to track compliance and program effectiveness.

Oportun is a mission-driven financial services company that offers responsible credit, savings, and budgeting tools to help members achieve financial goals. With over $21.3 billion in credit provided and a diverse, inclusive culture, the company serves those left out of the financial mainstream.

North America Canada

  • Lead large-scale enterprise transformation projects from initiation through successful delivery.
  • Manage engagement governance, timelines, scope, risks, issues, change management, resourcing, reporting, and program financials.
  • Execute projects using ServiceNow leading practices and the Now Create methodology in collaboration with customer teams and delivery partners.

ServiceNow is the AI control tower for business reinvention. Their AI platform brings together any AI, any data, and any workflow, helping 85% of the Fortune 500® work smarter, faster, and better. ServiceNow is building an AI-native culture where technology and talent are unstoppable together.

$140,000–$160,000/yr
US

  • Own end-to-end execution of Lumin’s external audit and assessment portfolio.
  • Design, mature, and lead a scalable, risk-based internal technical audit program.
  • Lead the identification, evaluation, and adoption of AI and automation capabilities across the assurance lifecycle.

Lumin Digital empowers credit unions and banks by creating cutting-edge digital experiences that continuously serve, engage, and grow their membership base. They are 100% cloud-native and thrive on curiosity and innovation, fostering trust, respect, and boldness.