Information Security Compliance Lead

23 hours ago


San Francisco, CA, United States IVO Inc Full time
Why Ivo?

Contract negotiation is the most time-consuming, costly, and difficult component of the contract lifecycle, and it hasn't gotten much easier since the days of fax machines.

Large language models have unlocked the ability to solve many contract negotiation problems at scale. Our product is best-in-market (we have an 85%+ head-to-head trial win rate) and used by some of the leading companies in the world.

Overview:

We're looking for an experienced information security compliance leader to build and run a lean, audit-ready program. The foundation is in place. You will take full ownership and run it your way.

You will own two big rocks:
    • Own security compliance end-to-end
        • Plan and run gap assessments, control design, evidence collection, and auditor coordination (SOC 2 Type II; ISO/IEC 27001:2022)
        • Operate and improve our ISMS (risk assessment, internal audit, management review, corrective actions)
        • Maintain policies, control testing cadence, asset inventories, and audit-ready evidence (e.g., Secureframe/Vanta)
        • Lead vendor risk management and third-party due diligence
    • Own security questionnaires & customer trust
        • Own RFPs/DDQs/security questionnaires (SIG Lite, CAIQ, and custom) with clear SLAs
        • Meet with customer security teams to explain security controls
        • Build a living answers library and artifacts (policies, diagrams, pen test reports, BCP/DR, vulnerability management posture)
        • Stand up and maintain a trust portal
        • Partner with Sales/Legal/Security to unblock deals and negotiate security addenda
Additional Impact:
    • Translate frameworks into lightweight, automated processes that fit a high-velocity startup
    • Track and report meaningful compliance/risk metrics to leadership
    • Help hire/mentor as the program scales
Ivo might be a good fit for you if you are:
    • A strategic builder who has led SOC 2 Type II and ISO 27001 programs at a SaaS company (preferably early stage)
    • Deeply knowledgeable about security compliance/GRC and vendor risk
    • Excellent at customer-facing trust work (clear writing, good communication, fast and accurate knowledge)
    • Someone who would describe themselves as relentlessly resourceful
    • Pragmatic and automation-first. You design controls engineers actually follow
    • Comfortable collaborating across Security, IT, Sales, and Legal to get things done
Compensation and Benefits
    • Competitive Compensation: The USD OTE range for this role is $185,000 - $230,000 (excluding equity). Final offer amounts are determined by multiple factors, including experience and expertise.
    • Relocation and Visa Support: Relocation assistance for successful applicants moving to SF, as well as support for visa and green card applications where applicable.
    • Medical Benefits: Comprehensive medical, dental and vision plans to suit the needs of you and your family.
    • Unlimited PTO: So you can take the time you need to recharge, stay healthy, and bring your best self to work.
    • Office Extras: Generous office space in Downtown San Francisco, with snacks, coffee, and regular team building events and activities.


FAQ:

How far along are we?

We launched in early access in 2023. Since then, we've had an incredible response from the market and are growing rapidly. We 5x'd in ARR in the last 12 months. Our clients include companies like Canva, Quora, Zapier, Pinterest, Reddit, WordPress, and more. We're happy to share more details with candidates who go through our interview process.

Is this a chill gig?

Startups are very hard, especially if they're growing fast. You'll have a ton of responsibility, and there's always an enormous amount of stuff to do. It's hard work but the payoff is uncapped.

Can I work remotely?

We require candidates to work with us in-person 5 days a week in our San Francisco office.
