Fractional Security & Compliance Lead (IT & GRC) - Remote

Overview

As a Fractional Security & Compliance Lead (20-40%) at Optiml, you will take full ownership of our security and compliance function, managing SOC 2 Type II and ISO 27001 programs end to end, coordinating audits, managing evidence and remediation, and ensuring controls stay effective as the company scales.

In Short

• Manage the full lifecycle of SOC 2 Type 2 and ISO 27001 compliance programs.
• Serve as the primary liaison for external compliance auditors.
• Lead responses to technical security questionnaires.
• Securely administer internal IT infrastructure.
• Handle IT onboarding/offboarding processes.
• Design and audit Role-Based Access Controls (RBAC).
• Develop and maintain security policies aligned with GRC frameworks.

Requirements

• Experience managing compliance frameworks (SOC 2, ISO 27001).
• Hands-on experience with Microsoft 365/Entra ID and Google Workspace.
• Knowledge of IAM principles including RBAC and MFA.
• Proficiency in automation tools or scripting languages.
• Ability to operate independently and manage complex projects.
• Strong communication skills.

Benefits

• Impact: Play a critical role in scaling a transformative company.
• Ownership: Build and own the operational backbone of a startup.
• Growth: Work closely with an exceptional leadership team.
• Culture: Join a mission-driven, high-performance team.
• Benefits: Competitive salary, equity options, learning budget, and 25 days paid vacation.