Security Controls Assurance Lead

📋 Description

• Define control framework and requirements for autonomous AI operators; assess implementations.
• Pressure-test infrastructure, system, and agent changes for control impact during design.
• Set the compliance bar for home-built systems: auditability, segregation of duties, and change control.
• Define criteria for where/how AI can operate, with human-in-the-loop thresholds and evidence.
• Establish validation, evidence, and governance standards for AI-performed and AI-assisted processes to withstand audits.
• Assess introduction of new compliance frameworks and scope changes before commitments.
• Stand up or advise on audit workflows for the assurance team, including Claude-driven testing and automated evidence.

🎯 Requirements

• Thrives in hypergrowth; makes calls with incomplete information and reprioritizes as needed.
• Support tech controls via SOX readiness or equivalent rigor (FedRAMP, SOC 2, ISO).
• Engineering fluency: read code and Terraform; follow CI/CD; challenge designs.
• Proficient in Python or systems languages (Go, Rust, C/C++).
• Deep familiarity with developer platform, release engineering, or infra control domains.
• Translate regulatory language into engineering acceptance criteria and back to assurance.

🎁 Benefits

• Competitive compensation and benefits.
• Optional equity donation matching.
• Generous vacation and parental leave.
• Flexible working hours.
• Office space in San Francisco.
• Collaborative, mission-driven environment.