Career Opportunities at SJF Portfolio Companies

SJF Ventures

Director of Information Security and Compliance

City Innovate

IT, Legal
United States
Posted on Thursday, September 7, 2023

As a leading enterprise in the technology industry, City Innovate is committed to maintaining the highest standards of security and compliance across our products and services. We are currently seeking an experienced Director of Information Security and Compliance to take charge of our comprehensive security compliance programs. The successful candidate will play a vital role in ensuring our compliance with critical regulations, including SOC 2, StateRAMP, FedRAMP, HIPAA, and GDPR. This position requires a dedicated professional who can not only lead and manage these complex programs but also collaborate effectively with our Product and Engineering teams to integrate security measures seamlessly into our offerings. If you possess the expertise, leadership, and analytical skills necessary to excel in this challenging and essential role, we invite you to explore this opportunity to join our remote workplace.

Responsibilities:

  • Lead the design, implementation, and management of the company's security compliance programs, including but not limited to SOC 2, FedRAMP, HIPAA, and GDPR.
  • Serve as the subject matter expert for SOC 2 and FedRAMP, ensuring all organizational processes adhere to these standards.
  • Collaborate with Product and Engineering teams to ensure security measures are integrated into our products.
  • Develop and maintain comprehensive compliance and security policies, procedures, and guidelines.
  • Perform regular security risk assessments, internal/external audits, and vulnerability assessments.
  • Train and mentor the security team, software delivery team, and broader organization in compliance matters.
  • Interface with clients, regulators, and auditors, representing the company in all compliance matters.
  • Stay abreast of regulatory changes within the compliance landscape and adjust policies and procedures as necessary.

Qualifications:

  • Bachelor's degree in Computer Science, Information Technology, or a related field; a Master's degree is preferred.
  • A minimum of 5 years of experience in security and compliance, with at least 3 years in a leadership role.
  • Proven experience in SOC 2 and FedRAMP compliance is required.
  • Relevant certifications like CISSP, CISA, CISM, or equivalent are highly desired.
  • Excellent communication and leadership skills, with the ability to drive cross-functional collaboration.
  • Strong analytical and problem-solving skills, with a commitment to staying current with industry best practices and trends.
  • Must be comfortable working in a remote environment and coordinating with teams across different time zones.
  • Must be a US citizen residing within the Continental United States (CONUS).
  • Experience with State or Federal government security compliance is desirable.
  • Experience with Secure SDLC processes is desirable.

Compensation and benefits:

  • Compensation: $165-$185K
  • Unlimited PTO
  • 100% employer-funded medical, dental and vision insurance
  • 100% remote
  • $500 remote office setup

Our interview process may look like this:

  1. Phone screen with HR
  2. Interview with our CTO
  3. Screening with a team member
  4. A paid case study
  5. An interview with our founders
  6. Culture Assessment