# Director, Security & Compliance

**Company:** [Instabase](https://hotfix.jobs/companies/instabase)
**Location:** San Francisco, CA
**Role:** Security Engineering
**Salary:** $250k – $300k/yr
**Skills:** Soc2, HIPAA, ISO 27001, GDPR, FedRAMP, Nist 800-53, GRC, Saas Security, Cloud Security, Vendor Risk Management
**Posted:** 2026-02-04

> Leads security, compliance (GRC), and IT operations at a SaaS company, driving roadmap, audits (SOC2, HIPAA, ISO 27001, GDPR, FedRAMP), policies, and cross-functional programs. Requires extensive compliance experience in cloud/SaaS environments.

## Job Description

## What you’ll do

- Formulate and drive GRC roadmap, security policies, vendor security reviews and security training
- Initiate, own and lead new security & compliance programs and audits GDPR, SOC2, HIPAA and ISO 27001
- Establish and continuously improve standards, processes, tooling and procedures for audit and compliance management
- Collaborate and work cross-functionally across the company to deliver successful security compliance programs, partnering with Engineering, Product, GTM, Legal and HR teams
- Oversee IT operations, internal systems, and access controls in alignment with security best practices
- Work with external auditors to achieve security compliance certifications and reports
- Regularly report on status, operational metrics and KPI’s, providing transparency to company Leadership and internal stakeholder teams

## About you

**Required:**
- Extensive experience in security compliance, successfully leading compliance projects, risk assessments and audits
- **FedRAMP (NIST 800-53), GDPR, SOC2, HIPAA and ISO 27001** auditing and implementation experience
- Experience working with Engineering teams within the modern cloud / SaaS technology space
- Excellent written and verbal communication skills

**Nice to have’s:**
- Past experience at a Big Four consulting firm and/or reputable SaaS provider
- Engineering or Computer Science background

## Compensation

The base salary range for this role is **$250,000 to $300,000** + bonus, equity, and US Benefits.

## Similar roles

- [Engineering Director, Application Security](https://hotfix.jobs/jobs/f5c7154c-b666-4c99-9aba-cb878825ba3b) - Trail of Bits - Remote - $250k – $300k/yr
- [Privacy Engineering Director](https://hotfix.jobs/jobs/7a45a3ca-90d8-4d75-bac1-d9537bd8a64f) - DuckDuckGo - Remote - $244k – $244k/yr
- [Director, Threat Research](https://hotfix.jobs/jobs/594b9a33-1ae5-4e7b-b9ff-128c42de0525) - Illumio - Sunnyvale, CA - $227k – $272k/yr
- [Head of Security](https://hotfix.jobs/jobs/c86c14ec-1040-479a-b3ec-7982f44243a9) - Moment - New York, NY - $275k – $325k/yr
- [Director, Ecosystem Product Security](https://hotfix.jobs/jobs/1a713979-c2ef-4231-b621-264f3d938b57) - Stellar - San Francisco, CA - $225k – $335k/yr

**Apply:** https://hotfix.jobs/jobs/2d816861-5eea-4cd4-97bb-74418f97a6de
**Canonical:** https://hotfix.jobs/jobs/2d816861-5eea-4cd4-97bb-74418f97a6de