Director, Security & Compliance

250k – 300k | San Francisco, CA | Security Engineering | Hybrid

Summary

Leads security, compliance (GRC), and IT operations at a SaaS company, driving roadmap, audits (SOC2, HIPAA, ISO 27001, GDPR, FedRAMP), policies, and cross-functional programs. Requires extensive compliance experience in cloud/SaaS environments.

About the role

What you’ll do

  • Formulate and drive GRC roadmap, security policies, vendor security reviews and security training
  • Initiate, own and lead new security & compliance programs and audits (GDPR, SOC2, HIPAA and ISO 27001)
  • Establish and continuously improve standards, processes, tooling and procedures for audit and compliance management
  • Collaborate and work cross-functionally across the company to deliver successful security compliance programs, partnering with Engineering, Product, GTM, Legal and HR teams
  • Oversee IT operations, internal systems, and access controls in alignment with security best practices
  • Work with external auditors to achieve security compliance certifications and reports
  • Regularly report on status, operational metrics and KPIs, providing transparency to company leadership and internal stakeholder teams

About you

Required:

  • Extensive experience in security compliance, successfully leading compliance projects, risk assessments and audits
  • FedRAMP (NIST 800-53), GDPR, SOC2, HIPAA and ISO 27001 auditing and implementation experience
  • Experience working with Engineering teams within the modern cloud / SaaS technology space
  • Excellent written and verbal communication skills

Nice to have:

  • Past experience at a Big Four consulting firm and/or reputable SaaS provider
  • Engineering or Computer Science background

Compensation

The base salary range for this role is $250,000 to $300,000 + bonus, equity, and US Benefits.

Skills

SOC2, HIPAA, ISO 27001, GDPR, FedRAMP, NIST 800-53, GRC, SaaS security, cloud security, vendor risk management

Similar roles at this salary range
Everlaw

Senior Software Security Engineer

Lead security engineering efforts at Everlaw, guiding a team to build secure development practices and protect customer data on AWS. Requires 4+ years in security and Python scripting skills.

215k – 272k | Oakland, CA | Security Engineering | On-site | 4+ YOE | AWS | IAM

Novig

Senior Security Engineer

Senior Security Engineer building proactive, automated security systems including SOAR/SIEM workflows, AI agents, vulnerability management, and cloud hardening for a fast-growing sports prediction market platform.

200k – 250k | New York, NY | Security Engineering | On-site | 5+ YOE | CDK | IAM

OpenAI

Staff Security Reliability Engineer

Senior technical owner designing, building, and operating secure, reliable infrastructure-as-code platforms for identity, access, and shared services. Requires 10+ years of hands-on SRE experience in high-reliability on-prem/hybrid environments.

293k – 385k | San Francisco, CA | Security Engineering | Hybrid | 10+ YOE | Chef | Azure

OpenAI

Data Center Physical Security Systems Engineer

Design and deliver physical security technology architecture for AI data centers, establishing standards for access control, surveillance, and monitoring systems across global infrastructure. Requires 15+ years in physical security systems architecture and hands-on implementation experience.

205k – 335k | San Francisco, CA +3 | Security Engineering | Remote | 15+ YOE | CCTV Analytics | OT/ICS Security

Upside

Staff AppSec Engineer

Staff AppSec Engineer owning end-to-end vulnerability identification and remediation. Partner with engineering teams on secure development practices, threat modeling, and AWS security architecture while leveraging AI tools.

210k – 230k | Washington, DC | Security Engineering | Hybrid | 6+ YOE | AWS | SCA