Nametag

Head of Compliance, GRC

Posted 4/21/2026 • full-time • Remote • 🇺🇸 United States • Lead • 💰 $120,000 - $160,000 per year

Tech Stack

Tools & technologies
Cloud

About the role

Key responsibilities & impact
  • Own and maintain SOC 2 Type II certification, including evidence collection, control monitoring, and audit coordination
  • Drive IAL3 compliance readiness and implementation
  • Manage accessibility compliance (WCAG) requirements
  • Identify and pursue additional certifications as needed based on customer and market requirements
  • Coordinate penetration testing cycles and drive remediation with engineering
  • Maintain a living view of organizational risk and surface it to leadership
  • Develop and maintain security policies, procedures, and controls
  • Respond to security incidents with speed and clarity
  • Respond to customer security questionnaires promptly and accurately
  • Support sales in security-sensitive enterprise deals
  • Maintain public-facing trust documentation
  • Participate in customer security calls and reviews as needed
  • Partner with engineering to build security into the development process
  • Provide clear security guidance and timely reviews so teams can ship with confidence
  • Collaborate with product on security and accessibility features
  • Work with customer success to address customer security concerns

Requirements

What you’ll need
  • 7+ years of experience in security, compliance, or GRC, with demonstrated ownership of SOC 2 Type II programs
  • Experience building or running compliance programs in startup or resource-constrained environments
  • Strong understanding of how auditors think - ideally from auditor-side experience or running multiple audit cycles
  • Technical fluency to read pen test reports, understand cloud architecture, and have informed conversations with engineers
  • Knowledge of GRC tooling and vendors, with opinions on what's worth investing in at different company stages
  • Excellent communication skills - able to translate security topics for executives, salespeople, and customers
  • Experience with identity verification, authentication, or security-focused products is a strong plus
  • Familiarity with IAL2/IAL3 or NIST 800-63 identity proofing standards is a strong plus
  • CISSP, ISO 27001 Lead Auditor, or similar certifications are a plus but not required

Benefits

Comp & perks
  • Competitive salary
  • Meaningful equity ownership
  • Comprehensive health benefits (medical, dental, vision)
  • Flexible paid time off
  • Quarterly team off-sites and travel support
  • New computer hardware and equipment
  • An inclusive environment where your voice has impact and your work drives change

ATS Keywords

Applicant Tracking System Keywords

Hard Skills & Tools
SOC 2 Type II, IAL3 compliance, WCAG, penetration testing, security policies, security procedures, security controls, identity verification, authentication, cloud architecture
Soft Skills
communication, collaboration, leadership, incident response, customer engagement, guidance, problem-solving, organizational skills, clarity, adaptability
Certifications
CISSP, ISO 27001 Lead Auditor