FREE ACCESS
5,000–10,000 jobs/day
See all jobs on JobTailor
Search thousands of fresh jobs every day.
Discover
- Fresh listings
- Fast filters
- No subscription required
Create a free account and start exploring right away.
About the role
Key responsibilities & impact- Operate and extend Linear's compliance program end-to-end — maintain and mature our SOC 2 Type II, ISO 27001, and other relevant certifications (roadmap: ISO 27701, ISO 42001) while keeping audit overhead low and evidence collection as automated as possible
- Be the primary point of contact for security questionnaires, customer trust reviews, and enterprise procurement conversations — turn what's often a bottleneck into a competitive advantage
- Run our risk management program — identify emerging risks across the product, infrastructure, and vendor landscape, drive remediation with the right owners, and surface clear signal to leadership
- Partner closely with engineering to embed compliance controls into how we build — shape policy and tooling so security requirements land early in the development process, not as a retrofit
- Manage our third-party risk program — evaluate vendors and subprocessors, maintain our inventory, and ensure our supply chain meets the bar we hold ourselves to on both security and privacy
- Help scale the GRC function with automation — reduce manual toil, build durable processes, and ensure the program grows with the business without linearly growing headcount
Requirements
What you’ll need- A seasoned GRC practitioner — you have 7+ years in compliance and customer trust, ideally in a B2B SaaS or developer tools environment, and you've seen enough audit cycles to know where the sharp edges are
- Framework-fluent and privacy-aware — you have deep hands-on experience with SOC 2 and ISO 27001, understand how privacy regulations like GDPR and CCPA intersect with security controls, and can reason about new frameworks from first principles
- A builder, not just an operator — you see manual compliance work as a problem to be designed away, default to scalable processes over manual workflows, have used tools like Vanta, Drata, or similar platforms to do it
- A trusted partner, internally and externally — you work fluidly with engineering, legal, and customers alike; you can explain a control design to a skeptical customer, draft a crisp policy, and write a risk summary leadership will actually read
- Autonomy-oriented — you're comfortable operating with significant independence, setting your own priorities, and knowing when to loop in leadership, without needing to be managed closely
- Pragmatic over procedural — you optimize for reducing real risk, not checking boxes, and you know the difference
Benefits
Comp & perks- Competitive salary and equity
- Employee-friendly equity terms including early exercise in the US and extended exercise windows
- Daily meal and coffee stipend on every workday
- Paid co-working space or desk
- Health coverage (based on country requirements)
- 5 weeks paid vacation, plus local statutory holidays
- 4 months paid parental leave
- Paid month off after 4 years & every 2 years thereafter
- Regular team events and off-sites
- Remote-first with no required commute
ATS Keywords
✓ Tailor your resumeApplicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
GRCSOC 2ISO 27001ISO 27701ISO 42001GDPRCCPArisk managementcompliance controlsaudit cycles
Soft Skills
communicationcollaborationproblem-solvingautonomypragmatismtrust-buildingpolicy draftingrisk assessmentprocess optimizationcustomer engagement
Certifications
SOC 2 Type IIISO 27001ISO 27701ISO 42001