TL;DR
Security Specialist, GRC (AI): Building and optimizing AI governance and security compliance frameworks for an enterprise AI platform, with an emphasis on SOC 2, ISO 27001, and emerging AI governance requirements. Focus on leading audit engagements, responding to customer security assessments, and partnering with Engineering and Product to embed secure-by-design principles.
Location: Remote within the US or hybrid from our San Francisco or New York City offices.
Compensation: $101.4K – $178.5K
Company
hirify.global is where the world's leading enterprises orchestrate AI-powered work, providing an end-to-end platform for building and deploying AI agents grounded in company data.
What you will do
- Own and drive the security compliance program, including managing SOC 2 Type II audits, ISO Triad certification, and expanding compliance coverage for regulated industries.
- Lead customer assurance efforts by responding to security questionnaires and maintaining the trust portal, partnering with Sales to remove security blockers.
- Build and maintain the security governance framework, creating and updating policies, access control standards, and AI-specific governance documentation.
- Conduct continuous control monitoring and evidence collection through automated workflows, tracking remediation activities, and performing control testing.
- Drive risk assessments and third-party vendor security reviews, evaluating supplier controls and quantifying risks across the AI platform.
- Partner with Engineering and Product teams to embed compliance into the development lifecycle, ensuring secure-by-design principles for new AI features.
- Serve as the primary point of contact for external auditors, coordinating evidence collection, scheduling interviews, and addressing findings.
Requirements
- 2+ years of hands-on experience in GRC, security compliance, or audit roles within fast-paced tech companies or startups.
- Deep working knowledge of security frameworks and certifications including SOC 2 Type II, ISO 27001, GDPR, CCPA, and familiarity with emerging AI governance requirements.
- Strong technical literacy to evaluate cloud security architectures, understand API security, and review access control implementations.
- Excellent project management abilities with the skill to juggle multiple audits, customer questionnaires, policy updates, and remediation initiatives simultaneously.
- Outstanding communication skills to explain complex compliance requirements in clear, actionable language to technical and non-technical audiences.
- Natural curiosity about AI governance and the emerging regulatory landscape, including AI-specific frameworks, model risk management, and responsible AI principles.
Culture & Benefits
- Generous PTO, plus company holidays.
- Medical, dental, and vision coverage for you and your family, and paid parental leave.
- Fertility and family planning support, plus early-detection cancer testing.
- Flexible spending account, dependent FSA options, and health savings account with company contribution.
- Annual work-life stipends for wellness and learning and development.
- Company-wide off-sites and team off-sites.
- Competitive compensation, company stock options, and 401k.
Be careful: if an employer asks you to log in to their system using iCloud/Google, send a code or password, or run code or software, do not do it. These are scammers. Be sure to click "Report" or write to support.