Director of Compliance

About The Position

Requirements

• 15+ years in Information Security or Compliance, with at least 5 years in a leadership and people management role at a SaaS or Cloud technology company
• Deep, hands-on experience with NIST 800-53, FedRAMP
• Proven ability to translate complex regulatory requirements (like "ATO" or "POAM") into clear, actionable engineering tasks for developers

Nice To Haves

• CISA, CISSP, CISM, or CRISC preferred

Responsibilities

• Lead the enterprise Security Compliance function, aligning all activities with business priorities, regulatory expectations, and industry best practices
• Establish a compliance strategy and roadmap that ensures operational maturity, scalability, and continuous improvement
• Drive accountability across business and technical leaders, ensuring compliance milestones and deliverables are met on time, with exceptional quality
• Influence leaders across the organization on key Compliance related topics and drive necessary actions
• Manage a team of 10 (managers and ICs) and provide ongoing coaching and support
• Assist with various other projects within the Assurance, Risk and Governance team
• Build, mentor, and lead a high-performing compliance organization that operates with discipline, precision, and urgency
• Develop structured workflows, templates, and reporting mechanisms to enhance transparency, efficiency, and repeatability of compliance operations
• Direct all external audit and certification activities (e.g., SOC 2, ISO 27001, FedRAMP, PCI-DSS, HIPAA), ensuring accurate, complete, and timely delivery of evidence and reports
• Serve as the single point of coordination between external auditors, certification assessors, and internal stakeholders
• Lead end-to-end audit project management — from scoping and control mapping through fieldwork coordination and remediation tracking — ensuring zero delays and zero rework
• Maintain an organized, centralized, and fully traceable repository of audit and compliance documentation that withstands external scrutiny
• Identify process gaps early, drive remediation plans decisively to prevent recurrence through root cause management
• Provide expert advice to teams to drive Compliance ahead
• Assist with Policies when required
• Create dashboards and reporting for leadership, enabling data-driven decision-making and oversight
• Prepare and present reports to senior management and governance forums

Benefits

• equity
• participation in the employee stock purchase program
• flexible paid time off
• 20 weeks fully-paid gender-neutral parental leave
• fertility and adoption assistance
• 401(k) plan
• mental health counseling
• access to transgender-inclusive health insurance coverage
• health benefits offerings