Drata

Senior Compliance Advisor

Drata$97K — $150K *
US-AnywhereRemote in United States
Business Services
Less than 5 years of experience
4 days ago
Be an Early Applicant
Job Overview by Ladders

Qualifications

  • 4-6 years of audit experience with SOC 2 and ISO 27001/27002 compliance programs.
  • Exposure to other frameworks like HIPAA, PCI, GDPR, CMMC, FedRAMP, CCPA.
  • Strong background in Governance, Risk, and Compliance (GRC) processes and programs.
  • Familiarity with GRC tools or cybersecurity technologies; hands-on GRC platform experience is a plus.
  • Previous experience at consulting or cybersecurity firms is preferred.
  • Proven self-starter who can prioritize, own work, and quickly adapt to new compliance frameworks.
  • Ability to build positive customer relationships and provide excellent guidance.

Responsibilities

  • Advise customers on security policies and audit readiness for various compliance frameworks.
  • Lead control mapping and cross-framework analysis to align audit requests with the Drata Control Framework.
  • Serve as the compliance expert in customer interactions and internal discussions.
  • Develop and present on industry best practices and compliance queries for diverse audiences.
  • Share knowledge and provide mentorship to foster team growth and success.
  • Collaborate with Customer Success and Account Managers to offer compliance advisory services.
  • Host webinars to discuss audit best practices and address customer inquiries.

Benefits

  • Stock equity for shared success as the company grows.
  • Up to 100% employer-paid medical, dental and vision coverage for employees and dependents.
  • Comprehensive financial benefits including a 401(k), life and disability insurance, and spending accounts.
  • Paid Parental Leave policy and family-building benefits after six months of employment.
  • Annual stipends for professional development and access to internal learning opportunities.
  • Flexible vacation policy and paid holidays for proper work-life balance.
Full Job Description
Job Summary:

As a Senior Compliance Advisor at Drata, you are a customer-facing information security and compliance expert for the world's most advanced security and compliance automation platform. Senior Compliance Advisors execute within the Professional Services function of the Customer Success organization at Drata and work closely with all teams to drive fast and smooth audit readiness programs, create and deliver best practices in meeting requirements for control and privacy frameworks, and advocate on behalf of customers' needs for a rapidly growing platform. You'll build trust and empathy with Drata's customers as you advise them toward a continuous and self-sufficient security, risk and compliance posture.

What you'll do:
  • Advise customers on information security policies, control evidence, and overall audit readiness as they prepare for audits and assessments against SOC 2, ISO 27001/27002, HIPAA, PCI, NIST 800-171, CMMC, FedRAMP, GDPR, CCPA, and related frameworks.
  • Lead end-to-end control mapping and cross-framework crosswalk analysis, aligning customer custom controls and audit evidence request lists (IRLs) to the Drata Control Framework (DCF).
  • Serve as the primary compliance expert in customer-facing meetings, via email and executable work for customers, and to members of our Customer Success teams.
  • Lead the development and present on GRC industry best-practices and on common compliance questions received from customers for both external and internal audiences.
  • Lead ongoing internal learning and success of our team by sharing knowledge through mentorship, research, and internal presentations.
  • Partner with Customer Success and Account Managers in providing current customers with additional compliance advisory services as needed.
  • Engage with the Sales team, as needed, with responding to prospective customer questions.
  • Host customer-facing webinars to answer questions on audit and GRC best practices
  • Review marketing articles and blog posts for accuracy as needed.

What you'll bring:
  • Must have 4 - 6 years of experience in performing audits and assessments for compliance programs based on SOC 2 and ISO 27001/27002
  • The ideal candidate will have exposure and experience in additional frameworks such as HIPAA, PCI, GDPR, CMMC, FedRAMP, CCPA, or other major compliance and controls regulations and framework
  • Strong background and understanding of GRC (Governance, Risk, and Compliance) programs, processes, functions, and operational teams, and helping organizations design, build, and operate their risk, security, and compliance programs
  • Familiarity with GRC tools and/or cybersecurity technologies; hands-on experience with a GRC automation platform is a plus.
  • While not required, previous experience at consulting, audit, and advisory firms or at GRC/cybersecurity technology companies, is highly preferred.
  • Proven self-starter able to identify priorities, take ownership of work, and learn and advise on new compliance frameworks quickly.
  • An ability to develop and cultivate positive relationships with customers - make their day by providing the best possible guidance and customer experience
  • Desire to work at a rapidly growing startup with a team-player mindset, building and creating something from the ground up.
  • A proactive approach to managing your workload and day and ability to prioritize many different tasks and levels of responsibility
  • Constant ability to iterate and improve upon existing processes - challenge the status quo and improve upon the current state
  • A strong ability to work within a high-speed and high-volume environment
  • Nice to have: Light technical fluency to accelerate evidence automation and customer enablement - comfort reading and interpreting API responses, working familiarity with at least one major cloud provider (AWS, GCP, or Azure) and its core security/IAM services, and/or basic scripting (Python, PowerShell, or SQL) to streamline repetitive evidence-collection tasks.
  • Nice to have: One or more industry certifications such as CISA, CISSP, CIPP/E or CIPP/US, CRISC, or ISO 27001 Lead Auditor / Lead Implementer.

How we support you:At Drata, our people are our strongest advantage-and we prove it with support that exceeds industry standards. Our total rewards package is designed to power your well-being, accelerate your growth, and keep your work-life balance thriving.

Explore how we invest in your Life at Drata.
  • Shared Success: We provide stock equity to ensure that as the company grows, you share directly in that success. Equity gives every employee a sense of ownership and the opportunity to celebrate our wins together-because your contributions don't just support our progress; they help drive our collective success.
  • Health & Wellness: Up to 100% employer-paid premiums for medical, dental, and vision coverage for employees and their dependents, along with comprehensive wellness benefits and healthcare concierge services designed to support your needs beyond traditional insurance.
  • Financial Well-being: A comprehensive suite of financial benefits, including a 401(k) plan, company-paid life and disability insurance, tax-advantaged spending accounts, and a range of discounted voluntary offerings to help you customize and strengthen your overall financial position.
  • Family Support: We want to support you in life's most important moments, so we offer a paid Parental Leave policy, after six months of employment. Employees also receive access to Kindbody fertility and family-building benefits and dedicated leave specialists who help guide you through the entire process.
  • Growth & Development: Generous annual stipends for both professional and personal development, empowering you to invest in your continued growth. You'll also have access to a wide range of internal learning opportunities, ensuring you can build new skills, deepen your expertise, and advance your career with confidence.
  • Time Off & Flexibility: We believe that to do your best work, you should get the time you need for rest, rejuvenation and recovery. Drata offers a flexible vacation policy, paid holidays, and other perks to recharge.

This role will receive a competitive base salary, variable compensation, benefits, and/or stock, typically in the form of Restricted Stock Units (RSUs). The applicable range ofOn-Target Earnings (OTE) for each US-based role is based on where the employee works and is aligned to one of 3 tiers based on the cost of labor for that geographic area. The expected OTE ranges for this role are set forth below, subject to change.

Tier 1: $121,600 - $150,200

Tier 2: $109,400 - $135,000

Tier 3: $97,200 - $120,000

You can view which tier applies to where you plan to work here. A variety of factors are considered when determining someone's leveling and compensation-including a candidate's professional background and experience. These ranges may be modified in the future and final offer amounts may vary from the amounts listed above.

About Drata

Drata is a security and compliance automation platform that continuously monitors, manages, and reports on compliance. It provides a single pane of glass for companies to manage their security and compliance posture. Drata's platform automates the collection of evidence, streamlines workflows, and provides real-time visibility into compliance status. The company was founded in 2020 by Adam Markowitz, Daniel Marashlian, and Troy Markowitz.
Learn more about Drata
Size
50 employees
Industry
Information Technology
Founded
2020
* Ladders Estimates

Similar Jobs

Ad banner background

Get Ready For Your
Next Interview

More Jobs at Drata

More Business Services Jobs

Find similar Senior Compliance Advisor jobs:

NationwideRemote