Skip to content
GovsignalsGovsignalsNew York, NY

Compliance Operations Lead

Leads end-to-end compliance program for FedRAMP High, IL5, CMMC Level 2, and SOC 2 at a high-growth govtech startup. Automates evidence collection, partners with engineering on secure-by-design practices, and supports sales with customer trust narratives. Requires 3+ years in startup compliance with high-impact authorizations.

140k – 190k
Hybrid3+ YOESecurity Engineering

About the role

Key Responsibilities

Compliance Program Ownership

  • Build and run the master compliance program covering FedRAMP High, IL5, CMMC Level 2, SOC 2, and adjacent public-sector frameworks.
  • Drive the FedRAMP High ATO roadmap end-to-end, including 3PAO coordination, agency sponsorship navigation, and continuous monitoring once authorized.
  • Maintain a forward-looking compliance roadmap that anticipates new frameworks, customer requirements, and regulatory changes.

Evidence Automation & Audit Readiness

  • Own evidence management end-to-end: gather, organize, and automate collection so we are audit-ready every day.
  • Stand up automated policy checks, control evidence capture, and continuous monitoring tooling.
  • Lead quarterly and annual security documentation cycles, coordinate penetration tests and red-team engagements, and track remediation through to closure.

Customer Trust, BD & Sales Enablement

  • Be the primary voice on enterprise security questionnaires and customer trust calls.
  • Partner directly with Sales as a front-line credibility asset—join customer pitches and discovery calls, brief prospects on our compliance roadmap.
  • Help represent GovSignals at industry conferences, customer events, and federal/defense forums.
  • Translate complex compliance posture into clear narratives for both technical security teams and non-technical executives.
  • Build and maintain a customer-facing trust center, security collateral, and reusable response library.

Engineering Partnership

  • Embed secure-by-design practices alongside engineering—policy checks in CI/CD, infrastructure-as-code guardrails, hardened deployment pipelines.
  • Identify smart, outside-of-the-box solutions to compliance roadblocks.
  • Monitor the evolving threat landscape and propose proactive hardening measures.

Required Qualifications

  • 3+ years leading compliance or security programs at a high-growth technology or defense startup.
  • Demonstrated success achieving and maintaining FedRAMP High ATO or an equivalent high-impact authorization.
  • Deep working fluency with IL5, CMMC Level 2, SOC 2 Type II, NIST 800-171, and the broader U.S. public-sector compliance landscape.
  • Proven ability to design and run automated evidence collection, policy management, and vulnerability-tracking workflows.
  • Strong written and verbal communication skills for both technical and executive audiences; comfortable owning customer security reviews end-to-end.
  • Experience coordinating red-team, penetration-test, or bug-bounty programs and translating findings into engineering action.
  • Comfort operating in a fast-moving, early-stage environment.

Bonus

  • Hands-on exposure to Kubernetes, Terraform, JAMF, and modern DevSecOps toolchains.
  • Prior experience supporting an IC or DoD customer base.

Compensation & Benefits

  • Base Salary: $140,000 - $190,000
  • Equity: Meaningful stake in a well-funded, fast-growing startup
  • Benefits: 100% employer-paid medical, vision, and dental (Bronze coverage), Unlimited PTO

Skills

Fedramp HighIl5Cmmc Level 2SOC 2Nist 800-171KubernetesTerraformCI/CDDevSecOpsGrc Tools
Pindrop

Senior Security Engineer

PindropUnited States

Senior Security Engineer on the Red Team performing offensive security, adversarial testing, and red team operations against GenAI/LLM systems, deepfake defenses, cloud infrastructure, and SaaS products. Requires 3+ years of hands-on pen testing/red team experience plus demonstrable GenAI attack experience.

140k – 165k
Remote3+ YOESecurity Engineering
Ontic

Senior AI Security Engineer

OnticUnited States

Lead development of AI security controls, governance frameworks, and risk management practices. Conduct assessments, implement guardrails, and ensure responsible AI deployment across the organization.

140k – 160k
Remote5+ YOESecurity Engineering
Cerebras Systems

Distributed Systems Cluster Security Software – Engineering Lead

Cerebras SystemsSunnyvale, CA

Leads engineering for security in large-scale AI clusters with hundreds of wafer-scale accelerators and thousands of servers. Requires 3+ years leadership in distributed systems security, strong Kubernetes and networking expertise, and building secure multi-tenant solutions.

140k – 240k
On-siteSecurity Engineering
Teleport

Senior Software Engineer, Security

TeleportUnited States

Senior Software Engineer building security features for Teleport's access platform, focusing on cryptography, networking, automation, AI agents, and detection/response using Go/Rust. Contributes to open-source code reviews, vulnerability hunting, and hardening defenses.

138k – 342k
RemoteSecurity Engineering
Lyft

Senior Security Engineer, Corporate Security

LyftSeattle, WA

Builds secure processes and systems for corporate security, partnering cross-functionally to enable safe operations. Requires 5+ years engineering experience with Python/Go, databases, networking protocols, and security systems.

136k – 170k
Hybrid5+ YOESecurity Engineering