Director of Security & Compliance

About Plaud Inc.Plaud is revolutionizing the way professionals interact with technology through our innovative AI work companion designed to boost productivity and enhance performance via intuitive note-taking solutions. Since our inception in 2023, we have garnered the trust of over 1,500,000 users globally.Based in San Francisco and incorporated in Delaware, Plaud Inc. is at the forefront of human–AI intelligence, leveraging a unique combination of hardware and software. We adhere to the highest standards of security and privacy, ensuring compliance with SOC 2, HIPAA, GDPR, ISO27001, ISO27701, and EN18031.To discover more about our journey and innovations, visit https://www.Plaud.ai and connect with us on Instagram, X, Facebook, LinkedIn, and YouTube.

Merge stands at the forefront of providing innovative agentic tools and seamless customer integrations for cutting-edge LLMs, Fortune 500 firms, and B2B SaaS companies. Our platform features two pivotal products: Merge Unified, which allows businesses to incorporate numerous integrations effortlessly through a single API, and Merge Agent Handler, which grants AI agents secure access to a myriad of third-party tools. With an enterprise-grade platform, Merge expertly manages the entire integration lifecycle, encompassing authentication, security, monitoring, and maintenance. Countless organizations trust Merge to expedite product development, remove sales hurdles, minimize customer attrition, and conserve engineering resources, enabling them to concentrate on their primary offerings. As Merge aims to empower all B2B integrations, we are equally committed to facilitating data movement for some of the most security-conscious companies globally. Collaborating with such esteemed organizations necessitates adherence to industry-leading security standards and a relentless commitment to safeguarding our systems.In your role as the Director of Security, you will oversee our comprehensive security initiatives, which include infrastructure management, compliance adherence, and security automation. While specific experience in every aspect is not mandatory, enthusiasm for learning and tackling challenges is essential.Your Responsibilities:Develop and execute a strategic security roadmap.Lead our compliance automation efforts (e.g., SOC 2, ISO 27001, HIPAA). You will spearhead these initiatives with the aid of your team, utilizing Drata.Instill a culture of security awareness among all Merge engineers and employees.Oversee our Bug Bounty Program.Implement robust security controls across the organization, from infrastructure to continuous integration (CI).Establish both manual and automated security practices to address vulnerabilities.Support security reviews, threat modeling, disaster recovery exercises, and code assessments.

Join Hive as a Security Compliance Manager and take the lead in enhancing our security framework. Collaborate with engineers and auditors to ensure compliance with industry standards such as ISO and SOC, as well as federal regulations. You will own the execution of our Information Security program, focusing on improving personnel screening compliance and risk monitoring. Your role will require effective communication with technology and business leaders across all levels, driving consensus among stakeholders to ensure security controls are effective and remediated as necessary.

Your Role at Lila SciencesThe Senior Director of Cloud Security and Compliance will spearhead the comprehensive security, governance, risk management, and regulatory compliance for our cloud environments and research workflows. In this pivotal role, you will architect and oversee cloud security frameworks, data protection strategies, and compliance initiatives across both multi-cloud and on-premises infrastructures. You will collaborate closely with teams in Engineering, Data Science, IT, Legal, and Compliance to establish secure operational patterns, facilitate swift yet secure experimentation, and uphold a resilient governance program that provides verifiable evidence for regulators and clients.Your ContributionsCloud Security Architecture & GovernanceFormulate and uphold a comprehensive cloud security strategy, reference architectures, and security standards for public cloud environments (AWS, Azure, GCP) and hybrid solutions.Implement secure-by-default design patterns for cloud resources, data flows, and analytics, while intentionally setting CI/CD security patterns aside from your primary focus.Establish and manage IAM principles of least privilege, network segmentation, private endpoints, key/secret management, and centralized logging for AWS, Kubernetes, and cloud-native services.Governance, Compliance & Risk ManagementCreate, execute, and continuously enhance policies, standards, and procedures in line with key frameworks (e.g., NIST CSF, NIST 800-53, FedRamp, ISO 27001, SOC 2, GDPR/CCPA).Oversee the data protection program, including data classification, minimization, retention, and lifecycle management; supervise relevant DLP strategies.Conduct third-party risk assessments, manage vendor security inquiries, and oversee security clauses in contracts, ensuring audit evidence is well-maintained.Security Controls & MonitoringDefine and supervise security controls across cloud resources, focusing on identity and access management, encryption, key management, log collection, and telemetry.Work in tandem with Security Operations to implement monitoring systems, alerting protocols, incident response coordination, and audit evidence collection.Compliance & Audit ReadinessPrepare for internal and external audits by mapping controls to frameworks and translating them into actionable engineering artifacts and evidence.Ensure ongoing compliance with SOC 2, ISO 27001, and other regulatory mandates, collaborating with Legal and Privacy on data protection controls.Data and Machine Learning SecurityEnhance security protocols for data and machine learning/AI processes, focusing on privacy protection and secure data handling.

Join Hive as a Security Compliance Analyst, where you will play a pivotal role in ensuring our information security governance and compliance standards are met. Collaborate with engineers and auditors to strengthen our security compliance framework. You will be responsible for addressing auditors' inquiries and managing on-call operations, while contributing to the risk management program led by our Information Security team. If you're passionate about securing innovative AI solutions, we want to hear from you!

gongio seeks a Director of Employment, Ethics & Compliance to guide compliance efforts from its San Francisco office. This leader will ensure the company meets legal standards and maintains a workplace rooted in integrity. The position has a direct impact on company culture, supporting ethical practices and accountability throughout the organization. Key Responsibilities Direct compliance initiatives across all areas of the company Monitor and enforce adherence to employment laws and ethical standards Create and manage strategies to strengthen compliance Work with various departments to deliver training programs Foster a culture centered on integrity and responsibility Requirements Significant experience in employment law, compliance, and ethical governance Demonstrated leadership ability Strong collaboration skills across different teams This role is located in San Francisco.

Join Flex Ltd. as a Senior Director of Product Compliance, where you will play a pivotal role in ensuring that our products meet all regulatory standards and compliance requirements. In this leadership position, you will oversee compliance strategies, collaborate with cross-functional teams, and drive initiatives that protect our customers and our brand. You will leverage your extensive experience in product compliance to enhance our operations and support the continuous improvement of our processes.

We are seeking an accomplished Director of IT and Corporate Security to join our dynamic team at Scribd Inc. In this pivotal role, you will lead our IT security strategy, ensuring the protection of our corporate infrastructure against emerging threats. You will collaborate with cross-functional teams to enhance our security protocols and foster a culture of security awareness within the organization.

About UsAt Sierra, we are pioneering a platform designed to enhance human connections in customer experiences through advanced AI technologies. Our headquarters is in San Francisco, with expanding offices in Atlanta, New York, London, France, Singapore, and Japan.Our culture is defined by essential values: Trust, Customer Obsession, Craftsmanship, Intensity, and Family. These principles guide our actions and are integral to our success.Our co-founders, Bret Taylor and Clay Bavor, bring extensive experience from leading roles at OpenAI, Salesforce, Facebook, and Google, among others.What You Will DoOversee independent audits and compliance programs, including ISO 42001, PCI DSS, NIST 800-53, FedRAMP, HIPAA, and other relevant frameworks.Lead the definition of project scope, conduct readiness assessments, engage auditors, plan remediation efforts, and report to executives.Gain a comprehensive understanding of Sierra’s Conversational AI Platform, model providers, and cloud architecture. Collaborate with Platform and Agent Engineering teams to implement controls across diverse cloud environments.Create and maintain a centralized library of security controls aligned with compliance, regulatory, and customer requirements. Continuously evaluate control effectiveness, identify vulnerabilities, prioritize risks, and drive remediation efforts to enhance our security posture.Establish and enforce security baselines for cloud infrastructure, containerized workloads, Kubernetes, identity management, encryption, logging, and network security. Work alongside engineering teams to integrate security measures into configuration and change management processes.Develop and manage automated compliance workflows leveraging AI, infrastructure as code, and security tools to optimize efficiency and assurance of controls.

At Ripple Labs Inc., we are pioneering a future where value is transferred as effortlessly as information is today. Our ambitious vision is already becoming a reality through innovative crypto solutions tailored for financial institutions, businesses, governments, and developers. By enhancing the global financial framework, we aim to foster economic equality and open doors of opportunity for individuals worldwide. Here, you will have the chance to excel in your career, expand your expertise, and collaborate with a supportive team.If you are eager to make a significant impact and unlock exceptional career advancement prospects, we invite you to join us in creating tangible value in the world.THE ROLE:As the Director of Security Engineering, you will lead and manage a proactive and dedicated team of Security Engineers focused on safeguarding Ripple's products, infrastructure, and corporate IT systems. Your strategic vision will be instrumental in shaping our security framework and nurturing a company-wide culture of security awareness. Your leadership will be vital in ensuring the protection of our business and our clients by integrating security practices at every level of our technology stack.KEY RESPONSIBILITIES:Develop and execute a strategic roadmap for the Security Engineering team, emphasizing product security, infrastructure security, and IT security.Lead, mentor, and empower a team of security engineers, fostering an environment that prioritizes technical excellence, continuous learning, and innovation.Act as a subject matter expert in security, providing insights and articulating security risks and principles to senior leadership, engineering teams, and stakeholders.Implement security protocols across the engineering division, ensuring that security considerations are embedded into daily development activities.Work collaboratively with engineering, product, and IT leadership to ensure alignment on security objectives and advocate for security measures on behalf of our customers.

Join our dynamic team as the Director of IT & Security, where you will play a pivotal role in steering our IT operations towards excellence. As a seasoned professional, you will lead the IT department, devising and executing robust IT policies and systems that align with our corporate objectives.In this strategic role, you will collaborate with various stakeholders to develop an IT strategy that not only meets but exceeds the expectations of our business landscape. Your ability to foster relationships across departments will be essential in understanding and enhancing cross-functional business processes, creating a comprehensive roadmap for improvement.

We are seeking an experienced and strategic leader to join our team as the Director of Global Physical Security. In this role, you will be responsible for overseeing and enhancing our physical security operations worldwide, ensuring the safety of our personnel and assets. You will develop and implement security policies, manage security personnel, and coordinate with local law enforcement and security agencies.The ideal candidate will possess exceptional leadership skills, a deep understanding of security protocols, and the ability to work collaboratively across various departments. You will also be expected to stay ahead of security trends and threats, thereby ensuring our organization is well-prepared to mitigate risks.

Join Our TeamFieldwire is actively seeking a talented and seasoned Director of Information Security to enhance our team. As a premier provider of Construction Software solutions, we pride ourselves on delivering top-notch security measures. This pivotal role is classified as Line of Defense 1, where you will spearhead the definition, ownership, and execution of our product security program, ensuring adherence to legal standards and regulatory frameworks. Ideal candidates will possess strategic thinking abilities, exceptional communication skills, and extensive expertise in product security protocols, technologies, and standards.Your ResponsibilitiesServe as the Product Business Information Security Officer for Fieldwire.Design, own, and execute a comprehensive product security enhancement plan.Evaluate and identify product security risks and vulnerabilities.Collaborate with management to embed security measures into our software products and business workflows.Provide security incident reports and mitigation strategies to management.Assist the Head of Construction Software Security & GRC in various cybersecurity initiatives.Engage closely with other Information Security Officers within Hilti, the Group CISO.Analyze evolving regulatory and legal changes (e.g., NIST, CRA, NIS2, EU AI data act), translating them into actionable requirements and overseeing their implementation.Independently manage projects pertaining to information and product security, from conception to implementation.Oversee specific security areas such as Cloud & AI Security or technical risk assessments within Fieldwire.Contribute to the ongoing enhancement of security architecture, ICS, and ICT & cyber risk management for Fieldwire.Maintain Fieldwire's SOC2 certification and support the Group's ISO27001 certification.Coordinate internal and external audits related to information and product security, ensuring the execution of resulting recommendations.

Scale AI is on the lookout for a dynamic and seasoned Director of Governance, Risk, and Compliance (GRC) to spearhead our centralized GRC function. This crucial role is designed to fortify and propel the organization forward. The selected candidate will play a key role in enhancing and guiding our GRC framework, establishing a long-term strategic vision, collaborating with various teams across the company, and representing Scale’s GRC interests to partners, regulators, and stakeholders. A strong foundation in corporate regulatory compliance and risk management, alongside excellent leadership and relationship-building skills, is essential for success in this role.Key Responsibilities:Lead the GRC function, encompassing compliance governance, advisory, risk management, and regulatory adherence.Develop and mentor a team of compliance professionals focused on governance, assurance, and GRC engineering to create efficient systems and processes.Enhance Scale’s Enterprise Risk Management (ERM) program, focusing on risk identification, assessment, mitigation, and reporting.Collaborate with Legal, Security, Product, Engineering, and Operations teams to support Scale’s growth in a regulated environment.Contribute to Scale’s AI governance strategy, including the implementation of new AI regulations such as the EU AI Act and NIST AI RMF.Drive the vision for how GRC can protect Scale while also serving as a competitive advantage.Represent the GRC team to internal and external stakeholders, including partners and regulators.Maintain a strategic outlook on compliance while being detail-oriented on specific compliance issues.

At Scribd, Inc., we are dedicated to enhancing human understanding through our innovative products: Scribd®, Slideshare®, Everand™, and Fable. Together, these platforms empower billions globally with insights, applications, and expertise.Our CultureWe foster a culture of authenticity and boldness, where open debate and commitment lead to embracing the unexpected. Every employee is encouraged to take initiative, emphasizing our commitment to customer satisfaction.We believe that optimal performance arises from a balance of individual flexibility and meaningful community engagement. Scribd Flex allows employees to choose their work style and location for peak productivity, while also valuing intentional in-person interactions to enhance collaboration and culture. All employees, regardless of location, are required to attend occasional in-person meetings.We seek team members who embody “GRIT”: a combination of passion and perseverance towards long-term goals. This spirit defines our work ethic, guiding us to set and accomplish goals, deliver results, foster innovative solutions, and strengthen our team dynamics through collaboration.Role OverviewWe are looking for a Director of IT to spearhead our Corporate IT and Digital Workplace initiatives. This role is a dynamic blend of leadership, operational oversight, and innovation. You will be responsible for enhancing the technology experience for our employees while ensuring the reliability, security, and scalability of our IT systems and enterprise applications.In this pivotal role, you will be tasked with driving strategic outcomes, providing clarity and structure in your approach, and exercising sound judgment regarding risk management, compliance, and operational speed. You will develop scalable systems that minimize manual work and elevate employee experience, ensuring governance while promoting agility. Collaboration with company leaders will be essential to position IT as a strategic catalyst for productivity, efficiency, and prudent risk management, including the thoughtful integration of AI tools that yield tangible business benefits.

About AirwallexAirwallex stands as the premier unified payments and financial platform designed for global enterprises. Our innovative blend of proprietary infrastructure and cutting-edge software empowers over 200,000 businesses globally—including industry leaders like Brex, Rippling, Navan, Qantas, and SHEIN—with comprehensive solutions for managing everything from business accounts and payments to spend management, treasury, and embedded finance on a worldwide scale.Founded in Melbourne, we proudly bring together a diverse team of over 2,000 talented professionals across 26 global locations. With a valuation of $8 billion, we are supported by esteemed investors such as T. Rowe Price, Visa, Mastercard, Robinhood Ventures, Sequoia, Salesforce Ventures, DST Global, and Lone Pine Capital. At Airwallex, we are redefining the landscape of global payments and financial services. If you are prepared to undertake the most ambitious work of your career, we invite you to join us.

About Forge Global Forge Global, Inc. builds technology for private markets. The team’s work supports companies and investors shaping fields from space exploration to artificial intelligence. The company’s core values are innovation, responsibility, and humility. What Forge Offers Forge provides a suite of liquidity solutions, proprietary data insights, custody services, and a marketplace for private securities. The platform helps employees sell private shares, lets employers offer pre-IPO liquidity, and connects both individual and institutional investors to private company growth. The marketplace serves a global audience and aims to make private markets more transparent and accessible. Why Forge Is Growing Interest from investors and customers continues to increase as demand for private company stock exposure rises. Forge’s expanding network is driving the need for new team members to support companies, investors, and innovators in this evolving market.

Discord is a vibrant platform that brings together over 200 million users each month, primarily for one exciting reason: gaming. With over 90% of our community engaged in gaming, they collectively spend 1.5 billion hours each month immersed in a plethora of unique titles. As a cornerstone for the gaming future, Discord is dedicated to enhancing the experience of social interactions before, during, and after gaming sessions.The Security & IT division is undergoing a transformative phase, expanding its scope and establishing new functions, while also recruiting seasoned leaders in security operations, governance, risk management, and IT. This pivotal role reports directly to the Office of the CTO and acts as the operational backbone of the organization. You will be responsible for managing operating rhythms, executive reporting, budget oversight, and program management practices that ensure smooth operations, allowing the Head of Security & IT to focus on strategic initiatives, risk management, and the organization’s outward mission.This position sits at the confluence of Security, IT, and related areas such as Privacy and Governance, Risk Management, and Compliance (GRC). You will collaborate with engineering leaders to execute strategies, work with Technical Program Managers (TPMs) on strategic initiatives, and partner with the Head of Security & IT to ensure our strategies translate into tangible outcomes. Importantly, you will not only coordinate efforts but also serve as a strategic partner and proactive builder, comfortable analyzing the feasibility of strategies while launching new programs from the ground up.Your ResponsibilitiesImplement the Security & IT strategy across teams, serving as the key accountability layer that monitors the progress of roadmap items, addresses risks proactively, and ensures executive queries are met with informed responses.Evaluate the Security & IT strategy against organizational realities, providing insights on feasibility, prioritization, and resource allocation. You will shape the strategy as much as you will execute it.Initiate and lead critical programs as needed. Whether the organization needs to create a new capability or you identify a gap (such as insider threat management or security awareness), you will define the approach, establish it for stable operation, and hand it over to the appropriate team for long-term management.Manage the operational rhythms of the organization, including Monthly Business Reviews (MBRs), Quarterly Business Reviews (QBRs), planning cycles, delivery tracking, executive reporting, and budget governance, ensuring the Head of Security & IT has consistent visibility and operational efficiency.

About SierraAt Sierra, we’re on a mission to revolutionize customer interactions through our innovative AI platform. Headquartered in San Francisco, we also have offices in vibrant cities like Atlanta, New York, London, France, Singapore, and Japan, fostering a collaborative in-person work environment.Our core values—Trust, Customer Obsession, Craftsmanship, Intensity, and Family—are integral to our culture and guide our daily actions. We are committed to these values and strive to embody them in every facet of our work.Our visionary co-founders, Bret Taylor and Clay Bavor, bring an exceptional wealth of experience from their previous roles at OpenAI, Salesforce, Facebook, and Google, driving Sierra towards a future of secure and responsible AI.Role OverviewAs the Security Technical Program Manager, you will spearhead security initiatives for our Conversational AI Platform, focusing on data protection, identity and access management, infrastructure fortification, change management, operational resilience, and vulnerability management.Your leadership will bring structure, transparency, and accountability to essential security programs, ensuring alignment with our growth objectives and enhancing customer trust.You will shape our compliance readiness by aligning with various frameworks such as ISO 42001, ISO 27001, PCI DSS, SOC 2, HIPAA, and the EU AI Act, translating these into practical controls and scalable processes.Foster a security-first culture by developing awareness programs that empower every team member to recognize and embrace their role in safeguarding Sierra and our customers.Integrate trust by design, collaborating with Product, Platform, and Agent Engineering teams to incorporate security, privacy, and responsible AI practices into our development lifecycle.Collaborative EnvironmentYou will work closely with diverse teams including Product, Platform Engineering, Agent Development, Legal, Operations, Sales, and GTM, facilitating the integration of security and compliance throughout our tech stack. Your role is a critical interface between technical execution, business advancement, and evolving regulatory demands.

About Forge Global Forge Global builds technology for the private market, supporting innovation across industries such as space exploration and artificial intelligence. The company’s vision centers on making private markets more transparent and accessible for companies, employees, and investors. Forge’s platform provides liquidity solutions, exclusive insights, custody services, and a marketplace for private company shares. Employees can sell private shares, employers can offer pre-IPO liquidity, and both individual and institutional investors can participate in the growth of private unicorns. Growing interest from investors and customers has expanded Forge’s reach, driving the need for new team members to help serve an increasing number of companies and innovators. Location San Francisco, California, United States