Security Lead & Corporate Compliance Representative

About the Role

We are seeking a Security Lead & Corporate Compliance Representative to serve as the primary voice of our company's security and compliance posture-internally and externally. This role manages a small team (3) and coordinates multiple external security partners, consultants, and contractors. You will:

• Represent our security & compliance stance to customers, auditors, and internal stakeholders.
• Translate complex technical and regulatory requirements into clear, strategic communication.
• Guide internal teams (Sales, Marketing, Engineering, Leadership) on what we can claim and what we must do to maintain compliance integrity.
• Own customer-facing security questionnaires, due diligence responses, proposal requirements, and compliance-focused meetings.
• Define and articulate our directional compliance strategy (FedRAMP Moderate, SOC 2, HIPAA, ISO, GDPR).

This role is ideal for someone highly intelligent, articulate, diplomatic, and capable of absorbing technical detail quickly-then representing it with confidence and precision.

Key Responsibilities

Security & Compliance Representation

• Act as the primary spokesperson for our company's security posture to customers, prospects, partners, and auditors.
• Lead customer-facing meetings involving security, compliance, and risk management discussions.
• Translate technical and regulatory details into clear, accurate explanations suitable for executives, security teams, and procurement officials.

Internal Stakeholder Alignment

• Manage inbound compliance-related requests from Sales, Marketing, Customer Success, and Leadership.
• Ensure messaging on compliance readiness and roadmap is consistent and honest across the company.
• Set expectations internally to prevent overcommitment or misrepresentation regarding FedRAMP, SOC 2, HIPAA, ISO, and GDPR status.
• Work closely with Legal, Product, and Engineering leadership to align compliance claims with actual technical capabilities.

Team Leadership & Vendor Oversight

• Manage a team of four (Compliance PM, 3 Systems Engineers) as well as external compliance vendors, assessors, and 3PAOs.
• Prioritize team workloads based on risk, deadlines, customer urgency, and compliance roadmap.
• Ensure the team has what it needs to execute efficiently while preventing burnout and unmanaged expectations.

Customer Security Questionnaire & Documentation Ownership

• Own the process of completing customer-provided security questionnaires, RFP/RFI responses, and vendor due diligence forms.
• Ensure all responses accurately reflect current controls, policies, security architecture, and compliance progress.
• Maintain a library of reusable, approved compliance answers, block diagrams, system overviews, and architectural descriptions.

Corporate Compliance Direction Setting

• Shape the compliance roadmap and represent it clearly to internal leadership.
• Ensure the organization understands the steps required for FedRAMP Moderate Authorization and ongoing SOC 2, HIPAA, GDPR, and ISO adherence.
• Stay current on relevant regulatory changes and advise leadership on potential impact.
• Assist in the development of corporate-level security strategy, documentation, and messaging-without being responsible for technical implementation.

Security Architecture Communication

• Create and maintain block diagrams, system flow overviews, and high-level architecture visuals used for compliance and customer discussions.
• Work with engineering to understand design changes and articulate them to auditors or customers.
• Communicate how our product handles data, enforces access controls, manages encryption, and aligns with regulatory controls.

Required Qualifications

• 5-10+ years of experience in security, compliance, technical program management, or a related leadership role.
• Experience supporting or representing compliance programs such as FedRAMP, SOC 2, HIPAA, ISO 27001, NIST 800-53, and GDPR.
• Exceptional ability to learn complex technical systems and communicate them clearly to non-technical audiences.
• Strong customer-facing communication skills-comfortable presenting to CISOs, procurement teams, auditors, and executives.
• Experience managing or coordinating cross-functional teams.
• High integrity and judgment-able to balance transparency, sales pressure, and regulatory accuracy.

Preferred Qualifications

• Experience in a high-growth startup environment or working with small, cross-functional teams.
• Familiarity with AWS cloud architecture and modern SaaS security patterns.
• Prior work with 3PAOs, auditors, or government compliance workflows.
• Experience developing block diagrams, technical overviews, or compliance architecture documents.
• Security, privacy, or compliance certifications (CISM, CISSP, CCSP, CIPP/E, ISO Lead Implementer/Auditor, etc.).

What You'll Bring

• A calm, authoritative presence that inspires confidence with customers and internal teams alike.
• Strong organizational and communication skills, combined with the ability to synthesize information quickly.
• A thoughtful, strategic approach to compliance that balances business needs with regulatory requirements.
• The ability to protect the compliance team's capacity by serving as the front door and translator for all incoming security/compliance requests.

Why Join Us

• Take a leadership role in shaping the compliance reputation of a fast-growing SaaS company.
• Become the trusted advisor to both internal teams and customers on all things security and compliance.
• Work with a small, high-impact team where your clarity and communication directly influence company growth, customer trust, and FedRAMP success.

Apply tot his job Apply To this Job