Security & Compliance Lead

Glimpse

• $120K — $150K *

New York, NY 10025In-Person

Information Technology

5 - 7 years of experience

Today

Be an Early Applicant

By clicking Apply, I agree with Ladders' Terms of Use and Privacy Policy

Job Overview by Ladders

Qualifications

5+ years in security or related roles
Experience driving an end-to-end SOC 2 audit
Proficient in cloud environments (AWS, GCP, Azure)
Familiarity with customer security questionnaires
Strong written communication skills

Responsibilities

Develop and manage access and identity management programs
Lead the SOC 2 compliance efforts from planning to execution
Enhance customer trust through security documentation and engagement
Oversee infrastructure security practices including VM lifecycle and patching
Transition into broader security engineering functions over time

Benefits

High ownership and autonomy in the role
Opportunity to build a security program from the ground up
Dynamic startup environment with a talented team
Direct reporting to the CTO
Potential for professional growth into security engineering areas

Full Job Description

About the role

We're a fast-growing startup with a small but talented engineering team, and we're hiring our first Security & Compliance Lead to build the foundation for our security program. This is a high-ownership, high-autonomy role with a broad mandate: you'll own the security and compliance surface end-to-end, from access management and SOC 2 to infrastructure security and customer trust.

You'll report to CTO with full ownership of the security and compliance domain.

In year one, the work skews toward access management, SOC 2, and customer-facing security. Over time, the role grows into broader security engineering: monitoring, incident response, vendor risk, and architecture review.

If you've built a security program from scratch before and liked it, you'll recognize this job. If you want to build something from the ground up rather than slot into an existing program, read on.

What you'll own

Access & identity management. Production access, service accounts, SSO, and the lifecycle of both - provisioning, periodic review, deprovisioning.

SOC 2. You'll own the program end-to-end, mapping controls to our environment, driving evidence collection, and getting us through Type 1 and then Type 2 and other security frameworks.

Customer trust. You'll own security questionnaires, RFP security sections, and the customer-facing trust narrative (trust center, security overview docs, DPAs).

Infrastructure security. VM lifecycle and patching, baseline hardening, secrets management, vulnerability management, and cloud security posture.

Security engineering (over time). Logging and monitoring, incident response runbooks, vendor security reviews, and partnering with engineering on secure design.

What we're looking for

5+ years in security or security-adjacent roles
You've driven a SOC 2 audit - ideally owned one end-to-end, but if you ran the bulk of a program under a fractional CISO or security leader, that counts
Comfortable in cloud environments (AWS, GCP, or Azure) and writing enough code or Terraform to automate access and infrastructure workflows
You've owned customer security questionnaires and know how to make them faster
Strong written communication

Nice to have

A previous tour as the first or early security hire at a startup
Experience with identity tooling (Okta, AWS IAM Identity Center, Teleport, ConductorOne)
Experience with compliance platforms (Vanta, Drata, Secureframe)
Other frameworks beyond SOC 2 (ISO 27001, HIPAA, FedRAMP)
Background in security engineering, detection, or incident response

* Ladders Estimates

Similar Jobs

Supervisory IT Specialist
$110K — $130K *
Federal Aviation Administration
Atlantic City, NJ 08401 (Atlantic County)
Today
Supervisory Information Technology Specialist (InfoSec)
$120K — $150K *
U.S Government
Fairfax, VA 22030 (Fairfax City County)
Today
Supervisory Information Technology Specialist (InfoSec)
$120K — $150K *
U.S Government
Washington, DC 20011 (District Of Columbia County)
Today
Manager, IT Support & Cybersecurity
$140K — $150K *
RQI Partners
Wappingers Falls, NY 12590 (Dutchess County)
Reposted Yesterday
Senior Assessment & Authorization (A&A) Support Lead
$100K — $130K *
enGenius Consulting Group
Norfolk, VA 23503 (Norfolk City County)
Yesterday
Security & Compliance Manager
$90K — $130K *
Talon Health
Portsmouth, NH 03801 (Rockingham County)
4 days ago

Get Ready For Your
Next Interview

More Jobs at Glimpse

Security & Compliance Lead
$120K — $150K *
New York, NY 10025 (New York County)
Today
Information Technology
In-Person
Sr. Director - Growth
$150K — $200K *
New York, NY 10025 (New York County)
1 month ago
Retail & Consumer Goods
In-Person
Account Manager
$80K — $120K *
New York, NY 10025 (New York County)
1 month ago
Consumer Technology
In-Person

More Information Technology Jobs

Client Partner - Banking / Financial Services / Capital Markets
$325K — $350K + $100K bonus *
Large IT Services Firm (client of TechLink Systems)
New York, NY 10001 (New York County)
6 days ago
Business Development Director
$300K — $345K + $120K bonus *
Tier1 IT Services Firm
Kansas City, MO 64116 (Clay County)
1 week ago
Client Partner / Business Developemnt - Banking
$250K — $320K + $70K bonus *
IT Services Firm (client of TechLink Systems)
New York, NY 10001 (New York County)
1 week ago
Senior Software Engineer (AI Orchestrator)
$105K — $145K *
Cotiviti
Remote
Today
Sr/Staff Lustre Engineer
$150K — $250K *
Data Direct Networks
Raleigh, NC 27610 (Wake County)
Today

Find similar Security & Compliance Lead jobs:

Nationwide New York, NY

Security & Compliance Lead

Job Overview by Ladders

Full Job Description

Get Ready For Your Next Interview

Find similar Security & Compliance Lead jobs:

Get Ready For Your
Next Interview