We are working with one of the most exciting startups in the AI space. In the three years they have been around, they have surpassed all their competitors and are backed by some of the leading names in tech and AI. The client is looking for a GRC Lead to bring their technical expertise in managing compliance with SOC2 and HIPAA, with hands-on experience using compliance management tools (e.g. Drata, Vanta).
What You’ll Be Doing:
- Automate Vendor Due Diligence & Security Questionnaires – Reduce manual tasks while improving accuracy.
- Certification Management – Maintain and acquire essential certifications like SOC2, HIPAA, and ISO27001.
- Compliance Automation – Enhance compliance-as-code tooling to streamline monitoring, reporting, and team compliance.
- Sales Support – Help the sales team address security-related client queries.
- Risk Assessments – Conduct assessments using CIS or NIST frameworks, documenting findings to improve security posture.
Who You Are:
- Passionate about security, automation, and compliance
- Thrive in fast-paced environments, taking ownership of projects
- Strive for excellence, always looking to improve processes
- Team player with a flexible, can-do attitude
What You Bring:
- Experience with SOC2 & HIPAA compliance, using tools like Drata or Vanta
- Strong automation & scripting skills (Python, Bash) for compliance workflows
- Deep understanding of risk frameworks (CIS, NIST)
- Ability to work across sales, engineering & legal teams
Bonus: Cloud compliance experience (AWS, GCP, Azure) & CI/CD automation
If this sounds like an interesting role, apply to start the conversation today.