Senior Compliance Advisor advising customers on audit readiness and GRC programs for SOC 2, ISO 27001, and other major frameworks. Requires 4-6 years of compliance/audit experience and strong customer-facing skills.
Salary not listed
Remote4+ YOELegal
About the role
What you’ll do
Advise customers on information security policies, control evidence, and overall audit readiness as they prepare for audits and assessments against SOC 2, ISO 27001/27002, HIPAA, PCI, NIST 800-171, CMMC, FedRAMP, GDPR, CCPA, and related frameworks.
Lead end-to-end control mapping and cross-framework crosswalk analysis, aligning customer custom controls and audit evidence request lists (IRLs) to the Drata Control Framework (DCF).
Serve as the primary compliance expert in customer-facing meetings, via email and executable work for customers, and to members of our Customer Success teams.
Lead the development and present on GRC industry best-practices and on common compliance questions received from customers for both external and internal audiences.
Lead ongoing internal learning and success of our team by sharing knowledge through mentorship, research, and internal presentations.
Partner with Customer Success and Account Managers in providing current customers with additional compliance advisory services as needed.
Engage with the Sales team, as needed, with responding to prospective customer questions.
Host customer-facing webinars to answer questions on audit and GRC best practices.
Review marketing articles and blog posts for accuracy as needed.
What you’ll bring
Must have 4 - 6 years of experience in performing audits and assessments for compliance programs based on SOC 2 and ISO 27001/27002.
The ideal candidate will have exposure and experience in additional frameworks such as HIPAA, PCI, GDPR, CMMC, FedRAMP, CCPA, or other major compliance and controls regulations and framework.
Strong background and understanding of GRC (Governance, Risk, and Compliance) programs, processes, functions, and operational teams, and helping organizations design, build, and operate their risk, security, and compliance programs.
Familiarity with GRC tools and/or cybersecurity technologies; hands-on experience with a GRC automation platform is a plus.
While not required, previous experience at consulting, audit, and advisory firms or at GRC/cybersecurity technology companies, is highly preferred.
Proven self-starter able to identify priorities, take ownership of work, and learn and advise on new compliance frameworks quickly.
An ability to develop and cultivate positive relationships with customers - make their day by providing the best possible guidance and customer experience.
Desire to work at a rapidly growing startup with a team-player mindset, building and creating something from the ground up.
A proactive approach to managing your workload and day and ability to prioritize many different tasks and levels of responsibility.
Constant ability to iterate and improve upon existing processes - challenge the status quo and improve upon the current state.
A strong ability to work within a high-speed and high-volume environment.
Nice to have
Light technical fluency to accelerate evidence automation and customer enablement — comfort reading and interpreting API responses, working familiarity with at least one major cloud provider (AWS, GCP, or Azure) and its core security/IAM services, and/or basic scripting (Python, PowerShell, or SQL) to streamline repetitive evidence-collection tasks.
One or more industry certifications such as CISA, CISSP, CIPP/E or CIPP/US, CRISC, or ISO 27001 Lead Auditor / Lead Implementer.
How we support you
Shared Success: We provide stock equity to ensure that as the company grows, you share directly in that success.
Health & Wellness: Up to 100% employer-paid premiums for medical, dental, and vision coverage for employees and their dependents, along with comprehensive wellness benefits and healthcare concierge services.
Financial Well-being: A comprehensive suite of financial benefits, including a 401(k) plan, company-paid life and disability insurance, tax-advantaged spending accounts, and a range of discounted voluntary offerings.
Family Support: We offer a paid Parental Leave policy, after six months of employment. Employees also receive access to Kindbody fertility and family-building benefits and dedicated leave specialists.
Growth & Development: Generous annual stipends for both professional and personal development, empowering you to invest in your continued growth. You’ll also have access to a wide range of internal learning opportunities.
Time Off & Flexibility: Drata offers a flexible vacation policy, paid holidays, and other perks to recharge.
Legal Counsel supporting Crusoe's corporate finance and strategic transactions, including debt financings, capital markets deals, drafting/negotiation of credit agreements, due diligence, and covenant compliance. Requires JD, 7-10 years of complex transactional experience in finance/corporate deals, strong business judgment, and ability to manage high-stakes workstreams.
240k – 285k/yr
On-site7+ YOELegal
PubSec Counsel
DittoAtlanta, GA +3
PubSec Counsel owns public sector contracting, negotiations, and legal compliance for U.S. Federal Government and defense programs at Ditto. Requires deep expertise in FAR/DFARS, government contracts, and building compliance frameworks in a fast-paced startup environment.
146k – 198k/yr
Remote7+ YOELegal
Senior Regulatory & Policy Counsel
CheckrSan Francisco, CA
Senior Regulatory & Policy Counsel reporting to Director of Product and Privacy Legal. Monitors and analyzes AI, privacy, and background screening regulations; translates them into compliance guidance; conducts risk analyses; leads policymaker engagement and advocacy; partners with Product, Engineering, and Customer Success. Requires JD and 8+ years in regulatory law/policy/government affairs.
229k – 269k/yr
Hybrid8+ YOELegal
Sr. Commercial Counsel
DialpadAustin, TX
Senior Commercial Counsel negotiating complex enterprise SaaS, partnership, and vendor agreements. Provides strategic legal advice to sales and executive teams, builds AI-powered legal workflows and playbooks, and mentors junior counsel in a fast-paced AI SaaS environment.
Salary not listed
On-site8+ YOELegal
In-House Counsel
FirecrawlSan Francisco, CA
Firecrawl's first full-time In-House Counsel will own legal for customer contracts, partnerships, and the novel legal issues around web data scraping, crawling, licensing, and public data access. Hybrid commercial and technical role requiring comfort redlining deals and advising engineers on data sourcing/serving compliance.