Security GRC Manager at Hex Technologies | SF, NYC, or Remote

Join Hive as a Security Compliance Manager and take the lead in enhancing our security framework. Collaborate with engineers and auditors to ensure compliance with industry standards such as ISO and SOC, as well as federal regulations. You will own the execution of our Information Security program, focusing on improving personnel screening compliance and risk monitoring. Your role will require effective communication with technology and business leaders across all levels, driving consensus among stakeholders to ensure security controls are effective and remediated as necessary.

About UsAt Sierra, we are pioneering a platform designed to enhance human connections in customer experiences through advanced AI technologies. Our headquarters is in San Francisco, with expanding offices in Atlanta, New York, London, France, Singapore, and Japan.Our culture is defined by essential values: Trust, Customer Obsession, Craftsmanship, Intensity, and Family. These principles guide our actions and are integral to our success.Our co-founders, Bret Taylor and Clay Bavor, bring extensive experience from leading roles at OpenAI, Salesforce, Facebook, and Google, among others.What You Will DoOversee independent audits and compliance programs, including ISO 42001, PCI DSS, NIST 800-53, FedRAMP, HIPAA, and other relevant frameworks.Lead the definition of project scope, conduct readiness assessments, engage auditors, plan remediation efforts, and report to executives.Gain a comprehensive understanding of Sierra’s Conversational AI Platform, model providers, and cloud architecture. Collaborate with Platform and Agent Engineering teams to implement controls across diverse cloud environments.Create and maintain a centralized library of security controls aligned with compliance, regulatory, and customer requirements. Continuously evaluate control effectiveness, identify vulnerabilities, prioritize risks, and drive remediation efforts to enhance our security posture.Establish and enforce security baselines for cloud infrastructure, containerized workloads, Kubernetes, identity management, encryption, logging, and network security. Work alongside engineering teams to integrate security measures into configuration and change management processes.Develop and manage automated compliance workflows leveraging AI, infrastructure as code, and security tools to optimize efficiency and assurance of controls.

Join Hive as a Security Compliance Analyst, where you will play a pivotal role in ensuring our information security governance and compliance standards are met. Collaborate with engineers and auditors to strengthen our security compliance framework. You will be responsible for addressing auditors' inquiries and managing on-call operations, while contributing to the risk management program led by our Information Security team. If you're passionate about securing innovative AI solutions, we want to hear from you!

About Plaud Inc.Plaud is revolutionizing the way professionals interact with technology through our innovative AI work companion designed to boost productivity and enhance performance via intuitive note-taking solutions. Since our inception in 2023, we have garnered the trust of over 1,500,000 users globally.Based in San Francisco and incorporated in Delaware, Plaud Inc. is at the forefront of human–AI intelligence, leveraging a unique combination of hardware and software. We adhere to the highest standards of security and privacy, ensuring compliance with SOC 2, HIPAA, GDPR, ISO27001, ISO27701, and EN18031.To discover more about our journey and innovations, visit https://www.Plaud.ai and connect with us on Instagram, X, Facebook, LinkedIn, and YouTube.

Your Role at Lila SciencesThe Senior Director of Cloud Security and Compliance will spearhead the comprehensive security, governance, risk management, and regulatory compliance for our cloud environments and research workflows. In this pivotal role, you will architect and oversee cloud security frameworks, data protection strategies, and compliance initiatives across both multi-cloud and on-premises infrastructures. You will collaborate closely with teams in Engineering, Data Science, IT, Legal, and Compliance to establish secure operational patterns, facilitate swift yet secure experimentation, and uphold a resilient governance program that provides verifiable evidence for regulators and clients.Your ContributionsCloud Security Architecture & GovernanceFormulate and uphold a comprehensive cloud security strategy, reference architectures, and security standards for public cloud environments (AWS, Azure, GCP) and hybrid solutions.Implement secure-by-default design patterns for cloud resources, data flows, and analytics, while intentionally setting CI/CD security patterns aside from your primary focus.Establish and manage IAM principles of least privilege, network segmentation, private endpoints, key/secret management, and centralized logging for AWS, Kubernetes, and cloud-native services.Governance, Compliance & Risk ManagementCreate, execute, and continuously enhance policies, standards, and procedures in line with key frameworks (e.g., NIST CSF, NIST 800-53, FedRamp, ISO 27001, SOC 2, GDPR/CCPA).Oversee the data protection program, including data classification, minimization, retention, and lifecycle management; supervise relevant DLP strategies.Conduct third-party risk assessments, manage vendor security inquiries, and oversee security clauses in contracts, ensuring audit evidence is well-maintained.Security Controls & MonitoringDefine and supervise security controls across cloud resources, focusing on identity and access management, encryption, key management, log collection, and telemetry.Work in tandem with Security Operations to implement monitoring systems, alerting protocols, incident response coordination, and audit evidence collection.Compliance & Audit ReadinessPrepare for internal and external audits by mapping controls to frameworks and translating them into actionable engineering artifacts and evidence.Ensure ongoing compliance with SOC 2, ISO 27001, and other regulatory mandates, collaborating with Legal and Privacy on data protection controls.Data and Machine Learning SecurityEnhance security protocols for data and machine learning/AI processes, focusing on privacy protection and secure data handling.

The Compliance Manager at West Monroe Partners focuses on upholding regulatory standards and internal policies across the organization. This position calls for a strong understanding of compliance risks and the ability to develop practical solutions to address them. Role overview This role involves working with teams from different departments to promote ethical practices and a culture of compliance. The Compliance Manager identifies potential risks, advises on best practices, and supports the implementation of compliance strategies. Key responsibilities Monitor and interpret relevant regulations and internal policies Identify compliance risks and recommend mitigation strategies Collaborate with cross-functional teams to reinforce compliance standards Support efforts to foster ethical conduct throughout the company Locations This position is available in Chicago, Dallas, Los Angeles, Minneapolis, New York, San Francisco, and Seattle.

About SierraAt Sierra, we’re on a mission to revolutionize customer interactions through our innovative AI platform. Headquartered in San Francisco, we also have offices in vibrant cities like Atlanta, New York, London, France, Singapore, and Japan, fostering a collaborative in-person work environment.Our core values—Trust, Customer Obsession, Craftsmanship, Intensity, and Family—are integral to our culture and guide our daily actions. We are committed to these values and strive to embody them in every facet of our work.Our visionary co-founders, Bret Taylor and Clay Bavor, bring an exceptional wealth of experience from their previous roles at OpenAI, Salesforce, Facebook, and Google, driving Sierra towards a future of secure and responsible AI.Role OverviewAs the Security Technical Program Manager, you will spearhead security initiatives for our Conversational AI Platform, focusing on data protection, identity and access management, infrastructure fortification, change management, operational resilience, and vulnerability management.Your leadership will bring structure, transparency, and accountability to essential security programs, ensuring alignment with our growth objectives and enhancing customer trust.You will shape our compliance readiness by aligning with various frameworks such as ISO 42001, ISO 27001, PCI DSS, SOC 2, HIPAA, and the EU AI Act, translating these into practical controls and scalable processes.Foster a security-first culture by developing awareness programs that empower every team member to recognize and embrace their role in safeguarding Sierra and our customers.Integrate trust by design, collaborating with Product, Platform, and Agent Engineering teams to incorporate security, privacy, and responsible AI practices into our development lifecycle.Collaborative EnvironmentYou will work closely with diverse teams including Product, Platform Engineering, Agent Development, Legal, Operations, Sales, and GTM, facilitating the integration of security and compliance throughout our tech stack. Your role is a critical interface between technical execution, business advancement, and evolving regulatory demands.

At NerdWallet, we are dedicated to providing clarity in financial decisions, and our mission is fueled by our exceptional team of Nerds. We cultivate an inclusive, flexible, and transparent culture that empowers our team members to grow, take calculated risks, and express their true selves (cape optional). Whether you choose to work remotely or in the office, we support your optimal work style. We prioritize your well-being, professional development, and ability to make a meaningful impact, because when one Nerd excels, we all benefit.As the Regulatory Compliance Manager, you will play a pivotal role in enhancing the Company’s Compliance Management System (CMS). This position will emphasize the implementation and execution of compliance monitoring, testing programs, risk assessments, and policy governance within a vibrant fintech environment.This position is ideal for a compliance expert who excels at building frameworks, refining processes, and collaborating closely with the business as the CMS matures. Previous experience in consumer lending and insurance is highly desirable.This role reports directly to the Chief Compliance Officer.Your Impact:Enhance and support the Company’s recently launched Compliance Management System (CMS), focusing on risk assessments, monitoring, issue management, and governance processes.Execute compliance monitoring and testing across various business lines including marketing, product, operations, and third-party vendors, document findings, and assist with remediation efforts.Contribute to enterprise compliance risk assessments, which encompass risk identification, scoring, and tracking of issue mitigation.Aid in drafting, reviewing, and maintaining compliance policies and procedures, ensuring they are up-to-date, practical, and aligned with regulatory standards.Stay informed on regulatory changes impacting fintech, consumer lending, and insurance products, providing actionable compliance guidance to Legal and Compliance Management.Collaborate with cross-functional teams to integrate compliance controls into business processes and facilitate scalable growth.Establish key performance indicators (KPIs) and metrics to evaluate the effectiveness of the compliance program.Your Qualifications:Bachelor’s degree in business, finance, accounting, risk management, or a related field.A minimum of 5 years of experience in regulatory compliance within financial services or fintech.Proficient in compliance monitoring, risk assessments, and policy governance.

Merge stands at the forefront of providing innovative agentic tools and seamless customer integrations for cutting-edge LLMs, Fortune 500 firms, and B2B SaaS companies. Our platform features two pivotal products: Merge Unified, which allows businesses to incorporate numerous integrations effortlessly through a single API, and Merge Agent Handler, which grants AI agents secure access to a myriad of third-party tools. With an enterprise-grade platform, Merge expertly manages the entire integration lifecycle, encompassing authentication, security, monitoring, and maintenance. Countless organizations trust Merge to expedite product development, remove sales hurdles, minimize customer attrition, and conserve engineering resources, enabling them to concentrate on their primary offerings. As Merge aims to empower all B2B integrations, we are equally committed to facilitating data movement for some of the most security-conscious companies globally. Collaborating with such esteemed organizations necessitates adherence to industry-leading security standards and a relentless commitment to safeguarding our systems.In your role as the Director of Security, you will oversee our comprehensive security initiatives, which include infrastructure management, compliance adherence, and security automation. While specific experience in every aspect is not mandatory, enthusiasm for learning and tackling challenges is essential.Your Responsibilities:Develop and execute a strategic security roadmap.Lead our compliance automation efforts (e.g., SOC 2, ISO 27001, HIPAA). You will spearhead these initiatives with the aid of your team, utilizing Drata.Instill a culture of security awareness among all Merge engineers and employees.Oversee our Bug Bounty Program.Implement robust security controls across the organization, from infrastructure to continuous integration (CI).Establish both manual and automated security practices to address vulnerabilities.Support security reviews, threat modeling, disaster recovery exercises, and code assessments.

About Our TeamAt OpenAI, we pride ourselves on our Compliance team, which is committed to cultivating a culture of integrity and ensuring compliance with regulatory and legal standards. We work collaboratively with various departments—including Legal, Security, People, Finance, and Operations—to develop compliance programs that align with our mission while effectively managing risks in the fast-paced AI landscape.About the RoleThe Compliance Program Manager will be instrumental in developing and enhancing OpenAI's compliance program. This includes translating regulatory requirements into actionable processes, spearheading program execution, and refining our methods for detecting, assessing, and mitigating compliance risks. You will manage the daily operations of the compliance program, encompassing disclosures, training, investigations, controls, and reporting, while collaborating across teams to ensure continued effectiveness as we grow. This position offers a unique chance to innovate compliance operations using cutting-edge AI technology. The role reports directly to the Chief Compliance Officer.This position is based in San Francisco, CA, and follows a hybrid work model, requiring 3 days in the office each week. We also provide relocation assistance for new hires.Key ResponsibilitiesDevelop and Scale Compliance Operations: Design and implement repeatable workflows (intake, triage, escalation, documentation, follow-up) and continuously enhance them as business needs and risks evolve.Own Program Execution: Create project plans, define key milestones, drive cross-functional initiatives, and ensure timely execution of policies, training, controls, and tooling improvements.Support Disclosures and Investigations: Manage the intake and tracking processes, coordinate stakeholder communication, maintain documentation, and ensure timely resolutions and follow-through on remediation efforts.Drive Compliance Training and Communication: Develop, launch, and assess training and awareness initiatives that are clear, practical, and aligned with our risk framework.Monitor and Assess Compliance Risk: Collaborate with internal stakeholders to identify compliance gaps, conduct assessments, recommend corrective actions, and track remediation efforts.Support Audit and Regulatory Readiness: Assist with audits, inquiries, and examinations; maintain evidence, reporting materials, and program documentation.

Join Thuma as a Product Compliance Manager, where you will play a pivotal role in ensuring our products meet regulatory and safety standards. In this dynamic position, you will collaborate with cross-functional teams to ensure compliance throughout the product lifecycle. Your expertise will be essential in navigating complex compliance landscapes and implementing effective strategies to mitigate risks.

CoreWeave is seeking a Security Engineering Manager to lead the Platform Security team. This position is based in Livingston, NJ, New York, NY, Sunnyvale, CA, Bellevue, WA, or San Francisco, CA. The team’s mission is to embed security into CoreWeave’s Kubernetes-based platform and public cloud environments, supporting high-performance infrastructure for AI and machine learning workloads. Role overview This manager will oversee and expand the Platform Security engineering team, reporting to the Senior Director of Security Foundations. The focus is on hands-on leadership and technical execution, with an emphasis on building and implementing security controls rather than policy development. The role requires close collaboration with Infrastructure, Platform Engineering, Site Reliability Engineering, and other security teams to ensure security measures keep pace with business growth and evolving needs. What you will do Lead and grow the Platform Security engineering team. Integrate security into Kubernetes infrastructure and public cloud platforms such as AWS, GCP, and Azure. Define and execute strategies for cloud security posture, workload isolation, platform guardrails, image integrity, and multi-cloud security. Develop and implement security controls across CoreWeave’s infrastructure. Work closely with other technical teams to align platform security with business needs. The Platform Security team The Platform Security team at CoreWeave engineers systems that enforce security at the infrastructure layer. Their work spans both CoreWeave’s own Kubernetes-based platform and third-party public cloud environments. The team supports GPU-accelerated infrastructure for demanding AI and machine learning workloads, ensuring that both customer and internal services remain secure as CoreWeave’s global presence expands.

About the Role sia is hiring a Consultant Compliance Technical Project Manager in San Francisco. This position oversees compliance projects, guiding them to meet regulatory standards and support business goals. The role involves working closely with teams across the company, managing schedules, and keeping stakeholders informed throughout each project. Key Responsibilities Lead compliance-focused technical projects from planning through completion Ensure all project work aligns with relevant regulatory requirements Coordinate with cross-functional teams to achieve project objectives Manage project timelines and deliverables Communicate project status and updates to stakeholders Location San Francisco

About CoreWeave CoreWeave: The Essential Cloud for AI™ Founded in 2017, CoreWeave delivers cloud infrastructure designed for artificial intelligence workloads. Our platform supports innovators as they build and scale AI solutions, offering advanced technology and strong technical teams. Trusted by AI labs, startups, and global enterprises, CoreWeave provides high-performance infrastructure and deep expertise. CoreWeave will become a publicly traded company (Nasdaq: CRWV) in March 2025. Role Overview The Senior Product Manager, Compliance, will help build and maintain the infrastructure that supports CoreWeave’s next generation of AI services. This role manages IT General Controls (ITGCs) and IT application controls throughout a broad technology landscape. The position translates SOX compliance requirements into structured, scalable programs, working to ensure accountability among IT process owners and to make compliance efficient and repeatable. What You Will Do Lead the IT SOX compliance program, keeping an up-to-date inventory of IT controls, including ITGCs and automated application controls. Work closely with the SOX team and IT process owners to design, review, and validate compliance controls. Make sure all compliance controls are executed, documented, and ready for audits. Locations This role is available in Livingston, NJ; New York, NY; Sunnyvale, CA; San Francisco, CA; and Bellevue, WA.

At Contrast Security, we are revolutionizing the way organizations safeguard their software in the fast-paced realm of modern development. With our industry-leading Application Detection and Response (ADR), we empower teams to detect, halt, and remediate genuine threats in real time. If you are driven by the desire to create smarter, faster, and more effective security solutions, you will find a welcoming home here.We are in search of innovative thinkers, courageous creators, and problem solvers who excel at transforming complex challenges into groundbreaking solutions.As the Senior Channel Account Manager for the West region, you will play a pivotal role in bringing our leading application security tool to the forefront of the market. We are looking for a proactive and imaginative leader to cultivate mutually beneficial partnerships with both new and existing channel business partners. This role is heavily focused on driving revenue growth and requires a strong aptitude for expanding our existing partnerships while identifying new ones that will propel the Contrast Security brand into the market. You will be accountable for a regional sales quota and will be required to travel frequently.Ideal candidates will possess a strong hunter mentality, a proven consultative selling approach, and exceptional presentation skills. We seek a talented, enthusiastic, and ambitious channel partner account manager who is ready to join our team and elevate Contrast Security to new heights. Partner account managers are crucial to the growth of our partner organizations. The primary objective of this role is to establish credibility and trust with Senior Partner Executives, fostering investments in selling and driving the growth of Contrast products. At Contrast, you will find an environment where innovation and success stem from collaborative creativity.

About Cogent SecurityCogent Security is at the forefront of cybersecurity innovation, leveraging Applied AI to develop next-generation AI agents. In an era where cyber attacks evolve rapidly, our AI Taskforce analyzes vast amounts of enterprise data to proactively address vulnerabilities and prevent critical breaches.We combine pioneering research with practical execution, ensuring that our innovative solutions meet real-world challenges. Our Cogent Research division acts as our dedicated AI lab, driving the development of advanced security workflows.Since our emergence from stealth mode, we have rapidly grown, collaborating with Fortune 500 companies to secure complex production environments globally.Supported by Greylock, we have gathered a team of top talent from renowned institutions and leading organizations in the AI and cybersecurity sectors.About the RoleAs an Agent Engineer at Cogent Security, you will be pivotal in designing, building, and deploying critical AI agents tailored for complex client environments. Your role is highly cross-functional, involving direct collaboration with customers to understand their unique needs, adapting our platform accordingly, and iterating on scalable solutions to handle millions of real-world security events.You will manage projects from inception to deployment, including data onboarding and integrating feedback into our core agent platform. Your contributions will shape how AI agents detect threats, triage incidents, and automate security workflows for some of the most sophisticated organizations worldwide.This position is ideal for engineers who excel in dynamic environments, enjoy tackling complex technical challenges, and wish to see the tangible impact of their work.

About UsDelve is pioneering an AI-native platform that revolutionizes compliance by transforming tedious manual tasks into seamless automated workflows.As the fastest-growing compliance company in the industry, Delve empowers hundreds of organizations to reclaim countless hours (such as Lovable, 11x, WisprFlow) by minimizing compliance-related busywork, allowing them to prioritize what truly matters—safeguarding their customers.Our team consists of a close-knit group of innovators—seasoned founders, skilled operators, and talented engineers—dedicated to addressing genuine challenges faced by our clients. Our backgrounds include prestigious institutions such as Stanford, MIT, Berkeley, OpenAI, and international olympiads. Supported by esteemed investors like Insight Partners, General Catalyst, Y Combinator, and more, we have successfully completed a $32M Series A funding round and are rapidly expanding!Together, we are on a mission to eradicate busywork for humanity.The RoleIn the role of our inaugural Security Engineer, you will assume a multifaceted position with significant impact. You will be tasked with setting up and overseeing our internal security controls, infrastructure, and processes. Additionally, you will lead our penetration testing initiatives and engage in customer discussions to offer your technical expertise. This is a rare chance to establish robust security foundations at a company that has a profound understanding of the security landscape.Key ResponsibilitiesDesign, implement, and uphold comprehensive security measures across our infrastructure and operationsSet up and manage critical IT security tools, including endpoint protection, SIEM, identity management, and monitoring systemsConduct security evaluations, manage vulnerabilities, and respond to incidentsEnsure compliance with applicable frameworks (SOC 2, ISO 27001, etc.) to foster customer trust and support sales initiativesOversee access controls, privileged accounts, and security awareness training programsPlan, execute, and document internal penetration tests across applications, infrastructure, and networksManage and coordinate a small team of internal and external penetration testing contractorsDevelop internal penetration testing capabilities and methodologiesEngage in customer security discussions and provide technical insights during the sales process

We are looking for a dedicated and detail-oriented Governance, Risk, and Compliance (GRC) Manager to join our team at Decagon in San Francisco. In this pivotal role, you will be responsible for developing, implementing, and maintaining our governance, risk, and compliance strategies to ensure our operations align with regulatory requirements and industry standards.Your expertise will help us assess risk management processes and enhance our compliance framework, allowing Decagon to maintain its reputation as a leader in the industry. This is an exciting opportunity to contribute to our organizational integrity and enhance our compliance culture.

Join Our Team as a Compliance Manager, FCCAt Airwallex, we are revolutionizing the payment landscape globally. As the only comprehensive financial platform designed for businesses, we leverage our proprietary technology to empower over 200,000 companies, including industry leaders like Brex, Rippling, and Qantas, with seamless solutions for managing accounts, payments, and treasury services.Founded in Melbourne, our diverse team of over 2,000 innovators across 26 offices worldwide is dedicated to building a cutting-edge global banking experience. Backed by prestigious investors such as T. Rowe Price and Visa, we are on a mission to redefine financial transactions on a global scale. If you’re eager to make a significant impact and grow in your career, we invite you to join us.What We Look ForWe seek dynamic builders who possess a founder-like drive and are motivated by our mission and operating principles. You should have a strong analytical mindset, the ability to make swift yet informed decisions, and a collaborative spirit. Your capacity to transform innovative ideas into tangible products will be key. By utilizing AI, you'll solve complex problems effectively and contribute to our ambitious goals.About the Legal, Risk & Compliance TeamOur Legal, Risk & Compliance (LRC) team is a cohesive unit of legal and risk management professionals committed to ensuring Airwallex operates with integrity. We foster a culture of compliance and ethical practices, proactively managing legal and financial risks across the organization.Your RoleAs the Compliance Manager for Financial Crime Compliance (FCC), you will be pivotal in overseeing our financial crime compliance operations in the U.S. Collaborating closely with the US Deputy BSA Officer, you will ensure adherence to compliance regulations and manage operational tasks effectively.