Principal Security and Compliance Manager
US - Remote
SearchStax is seeking a proactive and experienced Principal Security and Compliance Manager to own and drive our security and compliance initiatives. Reporting to the COO, this role is critical to ensuring that SearchStax continues to maintain a strong security posture, achieves and sustains compliance certifications (e.g., SOC 2, ISO 27001), and adheres to relevant regulatory frameworks such as GDPR, HIPAA, and FedRAMP. As part of a fast-growing SaaS startup, you will play a key role in scaling security and compliance programs to meet evolving business and customer needs.
If this sounds like you, let’s talk!
What You Will Do
Compliance Program Management:
Lead and manage compliance certifications such as SOC 2, ISO 27001, and others required by customers and regulators.
Develop, implement, and enhance policies, procedures, and controls to align with compliance standards.
Oversee external audits and act as the primary point of contact for auditors and assessors.
Assemble and execute against a longer-term compliance plan, which will evolve and transform as the Company scales.
Security Oversight:
Develop and maintain an effective information security program to protect company and customer data.
Collaborate with Engineering and IT teams to ensure security best practices are implemented in product development, infrastructure, and operations.
Monitor security risks and vulnerabilities, and drive remediation efforts.
Risk and Governance:
Conduct regular risk assessments to identify, evaluate, and mitigate risks.
Establish and maintain a governance, risk, and compliance (GRC) framework to track compliance and security activities.
Stay updated on regulatory changes and adjust programs to meet new requirements (e.g., GDPR, CCPA, HIPAA, FedRAMP).
Documentation and Reporting:
Maintain detailed records of security and compliance frameworks, policies, and audit evidence.
Provide regular updates to the COO and executive team on the state of security and compliance initiatives.
Prepare responses to customer security and compliance questionnaires.
Maintain and update SearchStax policies in alignment with the leadership team, incorporating their updates to meet compliance requirements.
Cross-Functional Collaboration:
Work closely with Sales, Customer Success, and Legal teams to address customer compliance inquiries and ensure alignment with contractual obligations.
Partner with Product and Engineering teams to ensure security and compliance are built into product design and development.
Training and Awareness:
Develop and deliver security and compliance training programs to employees.
Foster a culture of security awareness and accountability across the organization.
Bachelor’s degree in Information Security, Business Administration, or a related field.
4–6+ years of experience …
Job Profile
Benefits: Collaborative workspaces, competitive compensation, diverse team, growth opportunities, healthcare benefits, paid time off, remote-first work environment, stock options, work-life balance.
Tasks:
- Collaborate with teams
- Conduct risk assessments
- Develop policies and procedures
- Develop training programs
- Maintain compliance records
- Oversee audits
Skills: Analytical, AWS, Azure, CIS Controls, Collaboration, Communication, Compliance, Cross-functional Collaboration, Customer Needs, FedRAMP, GDPR, Google Cloud, GRC tools, Healthcare, HIPAA, ISO 27001, Market Analysis, NIST, Problem-solving, Project Management, Risk Management, SaaS, Sales, Security, SOC 2, Training.
Experience: 4-6 years
Education: Bachelor's degree in Business Administration, Information Security, or a related field.
Timezones: America/Anchorage, America/Chicago, America/Denver, America/Los_Angeles, America/New_York, Pacific/Honolulu (UTC-10 to UTC-5).