Skip to content
Scale AIScale AIWashington, DC

Head of Global Assurance

Lead and scale global assurance programs (FedRAMP, SOC 2, ISO 27001) across public sector and commercial units while managing a distributed technical team of compliance experts.

287k – 359k/yr
On-site10+ YOESecurity Engineering

About the role

Responsibilities

  • Lead comprehensive assurance programs across Scale’s Global Public Sector and Commercial businesses, covering FedRAMP, NIST frameworks, SOC 2, and ISO 27001.
  • Manage and develop a technical assurance team responsible for public sector authorizations, audits, control evidence, and remediation reporting.
  • Set priorities and operating cadences for assurance workflows, including intake, evidence collection, and metrics-driven deadline management.
  • Build executive-level metrics and dashboards that provide leadership with a clear view of program health, strategic priorities, and key risks.
  • Partner with the Legal team on contract-driven assurance obligations, sensitive escalations, and external-facing customer representation.
  • Collaborate cross-functionally with Security, Engineering, and Product to validate evidence, track remediation, and support authorization requirements.
  • Manage high-stakes relationships with external auditors, assessors, certification bodies, and government authorizing officials.

Requirements

  • 10+ years of experience in cybersecurity compliance, GRC, or public/commercial assurance, including an active U.S. security clearance (SCI eligible).
  • Proven leadership experience managing senior technical professionals and distributed teams across multiple time zones.
  • Deep technical familiarity with FedRAMP, continuous monitoring, and scalable control frameworks within cloud or AI/ML environments.
  • Excellent communication skills, with a demonstrated ability to advise executive leadership on assurance and risk tradeoffs in fast-moving technical environments.

Nice-to-Haves

  • Relevant professional certifications such as CISSP, CISM, CISA, CCSP, or AWS/Azure Solutions Architect credentials.
  • Experience with emerging technologies, specifically developing compliance approaches for GenAI, LLMs, or large-scale data platforms.
  • Direct experience with JAB authorization environments or classified/national security GovCloud deployments.

Skills

FedRAMPNistSOC 2ISO 27001GRCCybersecurity ComplianceAWSAzureCisspCism
Harvey

Head of Security Engineering

HarveySan Francisco, CA +1

Lead and scale the security engineering organization, owning IAM strategy, security tooling, and foundational security platforms that enable rapid, secure product development.

285k – 350k/yr
Hybrid10+ YOESecurity Engineering
Moment

Head of Security

MomentNew York, NY

Own the end-to-end security program for a fintech infrastructure company, driving strategy, compliance (SOC 2), incident response, and client-facing security reviews for institutional trading systems.

275k – 325k/yr
On-siteSecurity Engineering
Zapier

Sr. Director, Security

ZapierSan Francisco, CA

Lead Zapier's Security organization as the most senior security executive. Set strategy across AppSec, InfraSec, Detection & Response, and GRC while partnering with Product, Engineering, and GTM to make security a competitive advantage for an AI-native SaaS platform.

308k – 463k/yr
Remote8+ YOESecurity Engineering
Trail of Bits

Engineering Director, Application Security

Trail of BitsUnited States

Leads Application Security practice performing code audits, vulnerability research, and secure design reviews. Hands-on leader managing team, P&L, client relationships; requires 10+ years security experience and proficiency in multiple languages.

250k – 300k/yr
Remote10+ YOESecurity Engineering
Instabase

Director, Security & Compliance

InstabaseSan Francisco, CA

Leads security, compliance (GRC), and IT operations at a SaaS company, driving roadmap, audits (SOC2, HIPAA, ISO 27001, GDPR, FedRAMP), policies, and cross-functional programs. Requires extensive compliance experience in cloud/SaaS environments.

250k – 300k/yr
HybridSecurity Engineering