
Security & Compliance Lead (Remote - US) at Jobgether

This position is posted by Jobgether on behalf of CompanyCam. We are currently looking for a Security & Compliance Lead in the United States.

This role is a high-impact position responsible for leading security governance, compliance operations, and customer trust initiatives. The Security & Compliance Lead will partner closely with engineering, legal, and leadership teams to build scalable security practices, embed compliance early in product development, and maintain regulatory readiness. The ideal candidate thrives in a fast-paced, remote-first environment, translating complex policy into actionable processes while strengthening organizational security posture. This position is pivotal in protecting company and customer data, promoting a culture of security awareness, and supporting sustainable growth.

Accountabilities

- Manage day-to-day operations of SOC 2 Type II compliance, including evidence collection, control monitoring, and audit readiness.
- Serve as the security and compliance subject matter expert for engineering and product teams, maintaining internal documentation and consulting on secure design practices.
- Coordinate annual third-party penetration testing: schedule tests, triage findings, track remediation, and schedule retests.
- Maintain and update the customer-facing Trust Center, ensuring accurate disclosures of security, privacy, and compliance practices.
- Review procurement and vendor contracts for security-related requirements and risks.
- Respond to security questionnaires and due diligence requests from prospective customers and partners.
- Collaborate with Legal to translate regulatory and contractual requirements into actionable engineering specifications.
- Conduct risk assessments, improve security policies, and support remediation efforts across teams.
- Promote security awareness and secure-by-default engineering practices.
- Stay informed about emerging threats and evolving compliance obligations.

Requirements

- 4+ years of experience in security compliance, GRC, or a related function, ideally in a B2B SaaS environment.
- Hands-on experience with SOC 2, ISO 27001, GDPR, CCPA/CPRA, or similar compliance frameworks.
- Experience supporting or administering a GRC platform such as Vanta, Drata, or Tugboat Logic.
- Skilled in managing security questionnaires, audit evidence collection, and vendor risk assessments.
- Strong written communication skills to translate complex compliance requirements into clear guidance.
- Comfortable working cross-functionally with engineering, legal, auditors, and customers.
- Proven track record of maintaining or building Trust Centers and compliance documentation.
- U.S.-based and eligible to work permanently in the United States.
- Nice-to-have: familiarity with incident response planning, DevSecOps principles, or promoting security awareness programs.

Company Location: United States.