Responsibilities
- Own and continuously elevate our ISMS in accordance with ISO 27001, SOC 2 Type 2, GDPR, and emerging AI governance standards, ensuring all policies, procedures, and controls are documented, implemented, and maintained
- Manage the full lifecycle of security audits, certifications, and internal controls, ensuring we continue to stay ahead of requirements
- Guide enterprise prospects and clients through InfoSec and compliance conversations as part of the sales motion, and manage and streamline security questionnaires and due diligence reviews to ensure fast and accurate responses
- Own our security whitepapers and InfoSec collateral, keeping them accurate, clear, and useful for both internal and external audiences
- Partner with Legal and Compliance to define security policies and align on contractual obligations and regulatory requirements
- Manage day-to-day compliance operations, including vendor risk management, third-party security reviews, background screenings, and security awareness training across the organization
- Work hand-in-hand with Solution Architects and DevOps to translate security requirements into scalable implementation practices
- Work with Engineering and business teams to ensure security and compliance requirements are understood, prioritized, and implemented effectively
Requirements
- Experience in GRC, compliance, or information security program management in high-growth technology companies in regulated industries, ideally in B2B SaaS, where building customer trust is central to the business
- Experience owning governance frameworks, risk management methodologies, and data protection regulations such as SOC 2 and ISO 27001 end-to-end, including risk assessments, control implementation, audit preparation, and ongoing maintenance
- Experience guiding security and compliance conversations with enterprise buyers, including completing complex security questionnaires and participating in due diligence calls
- Experience communicating security and compliance requirements clearly to both technical and non-technical audiences, including engineering and GTM teams, as well as enterprise buyers
- Experience working closely with sales, legal, and GTM teams and understanding how a strong security posture enables deals
- Strong process instincts and ability to build on compliance operations that scale
- Collaborative, pragmatic, and calm under pressure, especially when an enterprise deal is on the line
- Ability to be both strategic and hands-on, shaping security programs as well as jumping into audits, compliance reviews, and questionnaire responses
Work Arrangement
Hybrid
Additional Information
- This position is open to candidates who are legally authorized to work in the United States.
- At DeepJudge, we believe great teams are built on diverse perspectives and experiences. We are proud to be an equal opportunity employer and are committed to fostering an inclusive, high-performance culture where everyone can thrive. We welcome applicants of all backgrounds and do not discriminate based on race, religion, color, national origin, gender, gender identity or expression, sexual orientation, age, marital status, disability, veteran status, or any other characteristic protected by law. If this role excites you, but you feel you don’t meet every qualification, we encourage you to apply anyway and tell us why you’d be a great fit.
