Related skills
ISO 27001, GRC, PCI DSS, SOC 2, NIST CSF
Description
- Codify and execute the security roadmap; harden critical systems.
- Partner with PDE to embed security in the dev lifecycle.
- Own the security incident response plan end-to-end.
- Improve IAM, MFA, and endpoint security with IT.
- Understand fraud vectors in fundraising; build defenses.
- Manage vendor risk assessments and drive remediation.
Requirements
- 7+ years in information security, security engineering, or GRC; 4+ years in fintech.
- Hands-on hardening of prod systems at a growth-stage company (Series A-D).
- Deep SOC 2 and PCI DSS knowledge; plus NIST CSF/ISO 27001 or CIS Controls.
- Experience leading external audits end-to-end.
- Hands-on administering GRC platforms (Vanta, Drata, Secureframe) with remediation workflows.
- Build programs, write playbooks, and translate security topics for non-technical stakeholders.
Benefits
- Remote Work: work remotely from 10 hubs.
- Health Insurance: medical, dental, vision for employees with HSA/FSA.
- 401k match: 3% for eligible employees.
- Flexible PTO with uncapped vacation days and holidays.
- Family Care Support: UrbanSitter membership and care credits.
- Home Office Stipend to upgrade your setup.