Staffing Science

Head of Security and Compliance

Staffing Science, San Francisco, California, United States, 94199

Overview

A rapidly growing technology company is seeking a Head of Security & Compliance to lead its information security, compliance, and risk management programs. This individual will be the driving force behind achieving and maintaining FedRAMP and CMMC certifications and will play a crucial role in establishing trust with both customers and partners. This is a highly visible and customer-facing role, ideal for someone who thrives in startup environments, enjoys building programs from the ground up, and can confidently represent security posture to enterprise and federal clients. Must be able to work on-site in San Francisco for 4 days a week.

What You’ll Do

Lead all security and compliance initiatives, including strategy, roadmap, and execution for FedRAMP, CMMC, and related frameworks (e.g., SOC 2, ISO 27001).

Own the FedRAMP and CMMC authorization process—from gap assessment through certification—working closely with internal stakeholders and external vendors, auditors, and assessors.

Serve as the company’s security face to customers—participating in sales calls and technical discussions to communicate the company’s security controls, compliance posture, and risk management approach.

Partner with engineering and product teams to integrate secure development practices, perform risk assessments, and ensure security-by-design principles.

Collaborate with vendors and third-party providers to ensure all partners meet compliance and security requirements.

Develop policies, procedures, and documentation supporting continuous compliance, incident response, and security awareness across the organization.

Act as a trusted advisor to the executive team on emerging threats, regulatory changes, and evolving customer security expectations.

What You’ll Bring

8+ years of experience in information security, compliance, or risk management, with 3+ years in a leadership role.

Deep expertise in FedRAMP and CMMC frameworks, including hands-on experience achieving or maintaining certification.

Proven success in customer-facing security roles—comfortable presenting to clients, auditors, and executive stakeholders.

Strong understanding of cloud-native SaaS environments, ideally within AWS or Azure.

Ability to collaborate closely with software engineers and technical teams—comfortable discussing topics like infrastructure, data flows, and access controls.

Familiarity with additional standards such as SOC 2, NIST 800-53, ISO 27001, and Zero Trust frameworks.

Experience working in startups or high-growth environments where processes and systems are being built from the ground up.

Active or previously held Secret Clearance is a strong plus.

Relevant certifications such as CISSP, CISM, CISA, or PMP are a plus.

Why Join

Build and own the company’s entire security and compliance function from the ground up.

Direct impact on customer trust and enterprise expansion through security leadership.

Collaborate with a highly technical, mission-driven team in a fast-paced startup culture.

Work onsite 4 days per week in a collaborative San Francisco office with a forward-thinking leadership team.
