Compliance & Trust Lead

TL;DR

Compliance & Trust Lead (GRC): Operate and extend hirify.global’s compliance program end-to-end, including SOC 2 Type II and ISO 27001, while scaling GRC with automation. Focus on risk management, third-party risk, and embedding compliance controls early in the development process to reduce audit overhead and strengthen customer trust.

Location: Remote (North America)

Company

hirify.global builds the product development system for teams and agents.

What you will do

• Maintain and mature SOC 2 Type II and ISO 27001, and roadmap additional certifications (ISO 27701, ISO 42001) while keeping audit overhead low and automating evidence collection.
• Own security questionnaires, customer trust reviews, and enterprise procurement conversations.
• Run the risk management program across product, infrastructure, and vendors; drive remediation and provide clear risk signals to leadership.
• Partner with engineering to embed compliance controls into development workflows (policy and tooling early, not as a retrofit).
• Manage third-party risk: evaluate vendors/subprocessors, maintain inventory, and ensure security and privacy requirements are met.
• Scale the GRC function with automation to reduce manual effort and grow without proportional headcount increase.

Requirements

• 7+ years of compliance and customer trust experience (ideally in B2B SaaS or developer tools) with experience across multiple audit cycles.
• Hands-on framework expertise in SOC 2 and ISO 27001; privacy-aware approach to how GDPR/CCPA intersect with security controls.
• Experience using compliance automation tools such as Vanta, Drata, or similar platforms.
• Ability to collaborate effectively with engineering, legal, and customers; can explain control design to skeptical stakeholders and draft clear policies and risk summaries.
• Comfort operating with significant autonomy and setting priorities independently.
• Pragmatic mindset focused on reducing real risk rather than checking boxes.

Culture & Benefits

• Remote-first role with no required commute and deep focus/async collaboration.
• In-person connection via team off-sites, optional co-working, and occasional travel.
• Competitive salary and equity with employee-friendly equity terms (including early exercise in the US and extended exercise windows).
• Daily meal and coffee stipend; paid co-working space or desk.
• Health coverage based on country requirements; 5 weeks paid vacation plus local statutory holidays.
• 4 months paid parental leave and additional paid time off after tenure.

Hiring process

• Structured hiring process with role-relevant evaluation steps (details provided in hirify.global’s hiring materials).