Security Compliance Lead

Job Summary

A company is looking for a Security & Compliance Lead to oversee security governance and compliance operations.

Key Responsibilities

• Manage day-to-day operations of the SOC 2 Type II compliance program, including evidence collection and audit readiness
• Serve as the security and compliance expert for engineering and product teams, maintaining documentation and consulting on product design
• Coordinate third-party penetration testing and manage the customer-facing Trust Center for security disclosures

Required Qualifications

• 4+ years of experience in security compliance, GRC, or a related function, preferably in a B2B SaaS environment
• Hands-on experience with compliance frameworks such as SOC 2, ISO 27001, GDPR, and CCPA/CPRA
• Experience with GRC platforms like Vanta, Drata, or Tugboat Logic
• Proven ability to manage security questionnaires and vendor risk assessments
• Must reside and work permanently in the U.S