Information Security (Remote-USA East Coast)

About The Position

Requirements

• Bring deep experience in GRC, compliance, or information security program management in high-growth technology companies in regulated industries, ideally in B2B SaaS, where building customer trust is central to the business
• Have hands-on experience owning governance frameworks, risk management methodologies, and data protection regulations such as SOC 2 ISO 27001 end-to-end, including risk assessments, control implementation, audit preparation, and ongoing maintenance
• Are comfortable guiding security and compliance conversations with enterprise buyers, including completing complex security questionnaires and participating in due diligence calls
• Know how to communicate security and compliance requirements clearly to both technical and non-technical audiences, including engineering and GTM teams, as well as enterprise buyers
• Have worked closely with sales, legal, and GTM teams and understand how a strong security posture enables deals
• Bring strong process instincts and can build on compliance operations that scale
• Are collaborative, pragmatic, and calm under pressure, especially when an enterprise deal is on the line
• Thrive on being both strategic and hands-on, shaping security programs as well as jumping into audits, compliance reviews, and questionnaire responses
• Bring strong process instincts and can build compliance operations that scale with the company
• Are collaborative, pragmatic, and calm under pressure, especially when an enterprise deal is on the line

Responsibilities

• Own and continuously elevate our ISMS in accordance with ISO 27001, SOC 2 Type 2, GDPR, and emerging AI governance standards, ensuring all policies, procedures, and controls are documented, implemented, and maintained
• Manage the full lifecycle of security audits, certifications, and internal controls, ensuring we continue to stay ahead of requirements
• Guide enterprise prospects and clients through InfoSec and compliance conversations as part of the sales motion, and manage and streamline security questionnaires and due diligence reviews to ensure fast and accurate responses
• Own our security whitepapers and InfoSec collateral, keeping them accurate, clear, and useful for both internal and external audiences
• Partner with Legal and Compliance to define security policies and align on contractual obligations and regulatory requirements
• Manage day-to-day compliance operations, including vendor risk management, third-party security reviews, background screenings, and security awareness training across the organization
• Work hand-in-hand with Solution Architects and DevOps to translate security requirements into scalable implementation practices
• Work with Engineering and business teams to ensure security and compliance requirements are understood, prioritized, and implemented effectively

Benefits

• Shape our compliance and trust function as DeepJudge scales and wins enterprise clients
• Become the go-to security and compliance expert across Engineering, Legal, DevOps, and GTM
• Bring clarity to complex security questions at critical moments, including when major deals depend on it
• Build a security culture that is proactive, transparent, and built for growth
• Competitive compensation and equity package that reflects the seniority and impact of the role