About the Role
We’re hiring a senior security, risk, and compliance leader to build and scale our governance, risk, and compliance (GRC) program at a rapidly growing investment firm.
In this highly visible role, you will own our compliance strategy end-to-end, from SOC 2 and SOX readiness to third-party risk, audit management, and control frameworks. You’ll partner directly with the CTO and work cross-functionally with Engineering, IT, Legal, Finance, and business operations to embed security and compliance into how the company operates.
This is a hands-on leadership role for someone who enjoys building structure, driving accountability, and creating scalable programs that support business growth in a regulated, high-stakes environment.
Role Overview
As our senior compliance and risk leader, you will be responsible for designing, operating, and continuously improving our security and compliance infrastructure.
You will:
Own and manage our SOC 2 and SOX compliance programs, including audit readiness, execution, and remediation
Lead third-party risk management and vendor security assessments
Operate and optimize our GRC platform (Vanta, LogicGate, Secureframe, or similar)
Manage external audits and coordinate with auditors and internal stakeholders
Design and maintain control frameworks aligned with NIST 800-53, ISO 27001, and HITRUST
Partner with Engineering and IT to ensure controls are built directly into systems and processes
Work closely with Legal, Finance, and business leaders to ensure compliance supports business objectives rather than slowing them down
You’ll report directly to the CTO and serve as a trusted advisor to executive leadership as the organization continues to scale.
Must-Have Qualifications
8–10+ years of experience in IT compliance, information security, risk management, or related roles within regulated or high-growth environments
Proven ownership of SOC 2 and/or SOX compliance programs, including audit readiness, execution, and remediation
Hands-on experience implementing and operating GRC platforms such as Vanta, LogicGate, Secureframe, or similar
Deep experience leading third-party risk management programs and conducting vendor security assessments
Demonstrated success managing external audits and driving remediation efforts across technical and business teams
Strong working knowledge of security and control frameworks including NIST 800-53, ISO 27001, and HITRUST
Ability to partner cross-functionally with Engineering, IT, Legal, Finance, and executive leadership
Track record of building scalable compliance programs that support business growth rather than slow it down
Why Join Us
Be a key player in building and shaping the security and compliance infrastructure at a rapidly growing investment firm
Work in commercial real estate, one of the most dynamic and resilient sectors in finance
Collaborate with a focused, high-performing team where your impact is immediately visible
Opportunity for professional growth as the organization scales
Competitive compensation package including base salary, performance bonus, and comprehensive benefits
Benefits
Generous time off policy
Company-sponsored medical, dental, and vision insurance
Company-paid life insurance
Company-paid short- and long-term disability insurance
Paid parental leave
401(k) plan with company match
11 paid holidays