Manager of Infosec and Compliance - Remote

Overview

We’re looking for a hands-on, strategic security leader to own and evolve our security function from the ground up. In this role, you won’t just manage security—you’ll define it. You’ll drive cross-functional initiatives, embed scalable compliance practices, and ensure our security posture stays ahead of emerging threats. If you thrive on autonomy, crave impact, and are excited by the challenge of building and leading a world-class security program in a high-growth startup, we want to hear from you.

In Short

• Own the security function and lead strategy, execution, and representation across internal and external stakeholders
• Drive security and compliance efforts across Engineering, DevOps, IT, Legal, and Sales—embedding standards like SOC 2, CCPA, and GDPR into scalable practices
• Operate with autonomy to shape the security roadmap, manage incidents, and continuously improve posture without day-to-day direction
• Lead and manage compliance programs, including maintaining our compliance automation framework and ensuring audit readiness
• Design and guide secure infrastructure practices in collaboration with DevOps and Engineering, particularly in Azure cloud environments
• Conduct and manage penetration testing and DAST/SAST scans; oversee vulnerability tracking and remediation
• Plan and run cross-functional security tabletop exercises to test and improve incident readiness across teams
• Implement and maintain Security Posture Management (SPM) best practices across Cloud, Data, Identity, and Application layers using modern platforms and tools
• Maintain and evolve security policies and governance frameworks to stay ahead of changing regulatory and threat landscapes
• Lead incident response processes from triage to resolution, root cause analysis, and preventative strategy development

Requirements

• 6+ years in Information Security, with 2+ years in a leadership or management role.
• Strong preference for candidates who have worked at small startups and helped scale security programs or teams.
• Proven experience leading compliance efforts, managing audits, and owning incident response processes.
• Experience implementing and managing Security Posture Management (SPM) practices and tools across Cloud, Data, Identity, and Application domains.
• Plan and run cross-functional security tabletop exercises to test and improve incident readiness across teams.
• Familiarity with SOC 2 Type II, GDPR, CCPA, and cloud-native security best practices.
• Hands-on experience with Azure security services and tools.
• Preferred certifications: CISSP, CISM, CEH, or equivalent.

Benefits

• Flexible Paid Time Off
• Health Insurance
• Dental Insurance
• Vision Insurance
• 401K Match