Nametag
Deepfake Defense™ identity verification and account protection solutions.
Head of Security, Compliance & GRC
Location
United States
Posted
2 days ago
Salary
$120K - $160K / year
Seniority
Lead
Bachelor Degree7 yrs expEnglishCloud
Job Description
• Own and maintain SOC 2 Type II certification, including evidence collection, control monitoring, and audit coordination
• Drive IAL3 compliance readiness and implementation
• Manage accessibility compliance (WCAG) requirements
• Identify and pursue additional certifications as needed based on customer and market requirements
• Coordinate penetration testing cycles and drive remediation with engineering
• Maintain a living view of organizational risk and surface it to leadership
• Develop and maintain security policies, procedures, and controls
• Respond to security incidents with speed and clarity
• Respond to customer security questionnaires promptly and accurately
• Support sales in security-sensitive enterprise deals
• Maintain public-facing trust documentation
• Participate in customer security calls and reviews as needed
• Partner with engineering to build security into the development process
• Provide clear security guidance and timely reviews so teams can ship with confidence
• Collaborate with product on security and accessibility features
• Work with customer success to address customer security concerns
Job Requirements
- 7+ years of experience in security, compliance, or GRC, with demonstrated ownership of SOC 2 Type II programs
- Experience building or running compliance programs in startup or resource-constrained environments
- Strong understanding of how auditors think - ideally from auditor-side experience or running multiple audit cycles
- Technical fluency to read pen test reports, understand cloud architecture, and have informed conversations with engineers
- Knowledge of GRC tooling and vendors, with opinions on what's worth investing in at different company stages
- Excellent communication skills - able to translate security topics for executives, salespeople, and customers
- Experience with identity verification, authentication, or security-focused products is a strong plus
- Familiarity with IAL2/IAL3 or NIST 800-63 identity proofing standards is a strong plus
- CISSP, ISO 27001 Lead Auditor, or similar certifications are a plus but not required.
Benefits
- Competitive salary
- Meaningful equity ownership
- Comprehensive health benefits (medical, dental, vision)
- Flexible paid time off
- Quarterly team off-sites and travel support
- New computer hardware and equipment
- An inclusive environment where your voice has impact and your work drives change
Related Guides
Related Categories
Related Job Pages
More Security Engineer Jobs
Head of Security
Fortunate Media LimitedDigital Marketing agency who has delivered and executed strategies for some of the world’s largest iGaming companies
Security Engineer2 days ago
Full TimeRemoteTeam 51-200
Head of Security overseeing organization's security posture and strategy
AWSAzureCloudGoogle Cloud PlatformSDLC
United States
Security Engineer2 days ago
Full TimeRemoteTeam 51-200
Senior Application Security Engineer ensuring security in product and engineering processes
AWSCloudDockerGoogle Cloud PlatformJavaScriptKubernetesRustSDLCTypeScriptGo
Security Engineer2 days ago
Full TimeRemoteTeam 51-200
Senior Security Engineer securing corporate infrastructure at Turnkey
AWSAzureCloudDistributed SystemsGoogle Cloud PlatformJamfMacOS
Security Engineer2 days ago
Full TimeRemoteTeam 51-200Since 2016H1B No Sponsor
Staff Engineer developing secure platform software for AI/ML devices
PythonRTOSRustGo
