Remote Cybersecurity Jobs · GRC

Job listings

$101,500–$159,500/yr

  • Serve as a member of Sword's GRC team, contributing to security compliance across all products and services.
  • Define and maintain the CMMC assessment boundary, working across infrastructure, engineering, and business teams to ensure the scope is accurate and defensible.
  • Translate identified gaps into prioritized remediation tasks with clear ownership, for audiences ranging from DevOps engineers to clinical operations managers.

Sword Health is building AI to heal billions and unlock humanity’s full potential. As both a clinical-centric frontier AI lab and an applied AI platform, Sword is reimagining how care is delivered at scale. They have over 700,000 members across three continents and have raised more than $500 million from leading investors.

  • Partner with Security Engineering, Risk, Product, and Infrastructure teams to bake security and compliance into the process.
  • Dive deep into the security stack to identify execution blockers and actively architect the technical solutions to implement them.
  • Define the technical milestones for high-stakes initiatives like Zero Trust and IAM overhauls, translating a broad vision into a precise execution roadmap.

Human Interest aims to provide all workers access to retirement benefits. They are a high-growth fintech company that is financially backed by investors such as BlackRock, TPG, and SoftBank.

  • Lead ITGC and application control testing efforts
  • Guide and review work completed by junior team members
  • Perform walkthroughs, testing, and documentation for SOC 2, SOC 1, and HIPAA engagements

Insight Assurance is a global audit firm transforming how organizations achieve cybersecurity and compliance. Founded by former Big 4 (EY) professionals, it is a fast-growing global audit firm with 220+ professionals supporting nearly 2,500 clients across the Americas, EMEA, and APAC.

$95,000–$105,000/yr

  • Act as the primary point of contact for external auditors and lead the end-to-end execution of PCI DSS audits.
  • Orchestrate and lead the quarterly and semi-annual user access review process across all critical systems.
  • Execute and maintain a comprehensive, year-round Security Awareness Training program.

Subsplash builds The Ultimate Engagement Platform™ for churches, Christian ministries, non-profits, and businesses around the world. They are an award-winning team of 280+ mission-driven people who are committed to humility, innovation, and excellence.

$115,500–$213,000/yr

  • Own the governance framework for Life360's agentic systems and define the policies and control sets that govern how agents are built and deployed.
  • Take an agentic approach to GRC itself by automating evidence collection, drafting control narratives and triaging vendor questionnaires using AI and internal tooling.
  • Build the policy program as code with policies in Git and requirements expressed as enforceable rules and automated checks.

Life360's mission is to keep people close to the ones they love. They have a category-leading mobile app and other tracking devices to empower members to protect people, pets and things. Life360 has more than 500 remote-first employees and is growing.

  • Own and continuously improve the GRC program across ISO 27001, SOC 2, ISO 27701, and ISO 42001, driving audit readiness and making compliance repeatable.
  • Build relationships with technical teams to evaluate implementations and translate technical reality into clear audit narratives without losing accuracy.
  • Contribute to risk identification and assessment, maintain risk registers, and support leadership reporting to surface themes that lead to real decisions.

Synthesia is the world's leading AI video platform for business, used by over 90% of the Fortune 100 to enhance visual communication and enterprise skill development. Founded in 2017 and valued at $4 billion, the company has a culture focused on building, hiring smart and kind people, and empowering them with clear work principles to move fast.

$87,500–$111,500/yr
US Unlimited PTO

  • Conduct risk assessments for critical and operationally significant third-party entities.
  • Identify, track, and drive remediation of control gaps and security risks uncovered throughout the assessment lifecycle.
  • Partner closely with cross-functional teams to manage third-party risk holistically and stay ahead of emerging risks, including generative and agentic AI.

HealthEquity's mission is to save and improve lives by empowering healthcare consumers. They envision making HSAs as widespread and popular as retirement accounts, and they are passionate about providing a solution that allows American families to connect health and wealth.