Decagon
Governance, Risk, and Compliance Lead
Decagon, San Francisco, California, United States, 94199
Governance, Risk, and Compliance Lead
Lead Decagon's governance, risk, and compliance strategy as we scale our AI platform to serve the world's most security-conscious enterprise customers. You'll be the primary point of contact for customer security requirements, managing everything from contract negotiations to compliance certifications. This role offers the opportunity to build a GRC program that enables rapid sales cycles while maintaining the trust of Fortune 500 companies. You'll work directly with sales, legal, and engineering teams to position Decagon as the security leader in conversational AI. In this role, you will: Lead customer security engagements by negotiating information security exhibits and contractual requirements with enterprise customers and their legal teams, in collaboration with the legal team Build and manage a scalable security questionnaire process Drive compliance certifications including SOC 2 Type II, ISO 27001, PCI DSS, HIPAA, and CCPA Develop and maintain comprehensive security documentation including policies, procedures, and evidence collection Partner with Sales and Customer Success to accelerate deal velocity by proactively addressing customer security concerns with published content Collaborate with Security, Engineering, and Product teams to translate compliance requirements into actionable technical controls and ensure new features meet regulatory standards Establish vendor risk management programs to assess and monitor third-party security risks across our supply chain Create reporting on risk posture, compliance status, and security metrics that demonstrate continuous improvement Your background looks something like this: 3+ years of GRC experience in high-growth SaaS or technology companies, with direct responsibility for compliance programs Proven track record successfully completing SOC 2, ISO 27001, or similar enterprise compliance certifications Expertise in data privacy regulations including CCPA, GDPR, and emerging AI governance frameworks Experience negotiating security terms with Fortune 500 customers and their procurement teams Strong project management skills with ability to coordinate cross-functional teams under tight deadlines Excellent written and verbal communication skills to translate complex security concepts for diverse audiences Working knowledge of technical security controls and ability to collaborate effectively with engineering teams Even better: Experience with AI/ML compliance frameworks and understanding of unique risks in conversational AI systems Background in healthcare or financial services with deep knowledge of HIPAA or PCI requirements Track record of building GRC programs at companies scaling from startup to enterprise Experience with GRC platforms like Vanta, Drata, or SecureFrame to automate compliance workflows Understanding of cloud security particularly Google Cloud Platform compliance and security features Benefits: Medical, dental, and vision benefits Take what you need vacation policy Daily lunches, dinners and snacks in the office to keep you at your best Compensation: $180K $250K + Offers Equity
Lead Decagon's governance, risk, and compliance strategy as we scale our AI platform to serve the world's most security-conscious enterprise customers. You'll be the primary point of contact for customer security requirements, managing everything from contract negotiations to compliance certifications. This role offers the opportunity to build a GRC program that enables rapid sales cycles while maintaining the trust of Fortune 500 companies. You'll work directly with sales, legal, and engineering teams to position Decagon as the security leader in conversational AI. In this role, you will: Lead customer security engagements by negotiating information security exhibits and contractual requirements with enterprise customers and their legal teams, in collaboration with the legal team Build and manage a scalable security questionnaire process Drive compliance certifications including SOC 2 Type II, ISO 27001, PCI DSS, HIPAA, and CCPA Develop and maintain comprehensive security documentation including policies, procedures, and evidence collection Partner with Sales and Customer Success to accelerate deal velocity by proactively addressing customer security concerns with published content Collaborate with Security, Engineering, and Product teams to translate compliance requirements into actionable technical controls and ensure new features meet regulatory standards Establish vendor risk management programs to assess and monitor third-party security risks across our supply chain Create reporting on risk posture, compliance status, and security metrics that demonstrate continuous improvement Your background looks something like this: 3+ years of GRC experience in high-growth SaaS or technology companies, with direct responsibility for compliance programs Proven track record successfully completing SOC 2, ISO 27001, or similar enterprise compliance certifications Expertise in data privacy regulations including CCPA, GDPR, and emerging AI governance frameworks Experience negotiating security terms with Fortune 500 customers and their procurement teams Strong project management skills with ability to coordinate cross-functional teams under tight deadlines Excellent written and verbal communication skills to translate complex security concepts for diverse audiences Working knowledge of technical security controls and ability to collaborate effectively with engineering teams Even better: Experience with AI/ML compliance frameworks and understanding of unique risks in conversational AI systems Background in healthcare or financial services with deep knowledge of HIPAA or PCI requirements Track record of building GRC programs at companies scaling from startup to enterprise Experience with GRC platforms like Vanta, Drata, or SecureFrame to automate compliance workflows Understanding of cloud security particularly Google Cloud Platform compliance and security features Benefits: Medical, dental, and vision benefits Take what you need vacation policy Daily lunches, dinners and snacks in the office to keep you at your best Compensation: $180K $250K + Offers Equity