Sr. Security Compliance Specialist

About The Position

Requirements

• 7+ years of experience in security compliance, GRC, or technology risk, with a strong track record in high-growth, technology-driven, or regulated environments.
• Significant experience leading external audits (e.g., SOC 1, SOC 2, PCI DSS), including acting as a primary contact for auditors and managing audit lifecycles end-to-end.
• Proven ability to drive readiness and manage the full audit lifecycle, including planning, evidence collection, control testing, and remediation tracking.
• Strong experience implementing and assessing controls across common frameworks such as PCI DSS, SOC 2, ISO 27001, and NIST CSF.
• Demonstrated ability to identify control gaps, assess risk, and drive remediation in partnership with cross-functional stakeholders.
• Experience developing, implementing, or improving security policies, standards, and procedures, ensuring they are practical and aligned to real-world controls.
• Strong understanding of compliance metrics and reporting, with the ability to track control effectiveness, audit outcomes, and risk exposure.
• Ability to influence and drive accountability across technical and non-technical stakeholders without direct authority.
• Excellent verbal and written communication skills, with the ability to translate complex audit and compliance requirements into clear, actionable guidance.
• Experience mentoring or supporting junior team members, contributing to raising the overall capability of the team.
• Bachelor’s degree in Information Security, Computer Science, Business Administration, or related field, or equivalent practical experience.

Nice To Haves

• Professional certifications such as CISA, CISSP, CISM, or CRISC

Responsibilities

• Lead end-to-end execution of internal and external audits (SOC 1, SOC 2, PCI DSS), from planning through to reporting.
• Act as the primary point of contact for auditors, coordinating stakeholders and ensuring high-quality, consistent evidence.
• Establish and improve audit readiness processes to reduce disruption and increase efficiency.
• Drive tracking and remediation of audit findings, ensuring issues are resolved sustainably.
• Partner with the Security Compliance Manager to shape and mature the global compliance program.
• Contribute to the design and improvement of control frameworks, ensuring controls are scalable, testable, and aligned to business operations.
• Identify opportunities to improve efficiency and effectiveness across compliance and audit processes, including leveraging automation to streamline evidence collection, control testing, and reporting.
• Support development and refinement of security policies, standards, and guidance.
• Contribute to compliance awareness and training initiatives, particularly in areas tied to audit findings and control gaps.
• Ensure policies are actionable, testable, and aligned to real-world controls.
• Define and track key compliance and audit metrics (e.g., control effectiveness, audit findings, remediation timelines).
• Translate audit and compliance requirements into clear, actionable guidance for the business.
• Mentor and support junior compliance specialists, raising the overall quality of outputs.

Benefits

• 401(k) plan with employer matching
• 16 weeks of paid parental leave
• wellness benefits
• commuter benefits match
• paid time off
• paid sick leave
• medical, dental, and vision benefits
• 11 paid holidays
• disability and basic life insurance
• family-forming assistance
• mental health program