Sr. Manager, Security, Risk & Compliance

Secure Code Warrior

United States

November 22, 2025

Finance – Security & Compliance / Remote

Joining our Security, Risk & Compliance team means you’ll sit at the intersection of product, engineering, AI innovation, customer trust, and company growth. You’ll influence how a global SaaS business manages risk, builds securely, and communicates its security posture to some of the biggest companies in the world.

This is a high-impact, highly visible role reporting directly to the General Counsel. You will serve as a senior member of SCW’s security function and a company thought leader across Security, Compliance, Risk, and AI Governance.

You’ll shape our evolving GRC strategy together with the security functions in Product & Engineering and Corporate IT, and partner with Legal and Sales, serving as a trusted, customer-facing voice for our enterprise clients.

If you thrive in a scale-up environment where Cyber Security is a CEO-sponsored priority, enjoy building structure without bureaucracy, and want to influence how a next-generation SaaS company approaches modern security (including AI-specific risks), this role was built for you.

What You'll Do


    • Ensure Customer Trust
        • Customers trust their data on our systems. Your #1 priority is ensuring customers continue to trust SCW’s systems, product and risk frameworks.
        • Ensure Sales Engineering can execute enterprise customer security reviews and DPAs, and complete RFPs and security diligence, quickly and efficiently.
        • Work closely with Legal, Sales and Revenue in the customer onboarding process to translate complex security requirements into clear, customer-friendly language.
        • Maintain
        • Participate in customer cyber conversations and represent SCW’s security posture with credibility and clarity.
    • Lead Security, Risk, Compliance & AI Governance
        • Lead security compliance activities across frameworks such as SOC 2, ISO 27001, ISO 42001, EU regulations (GDPR, CRA, NIS2), AI-specific regulations, and other evolving global standards.
        • Participate in SCW’s evolving Data (AI) Governance program, including safe AI use, data governance rules, and updating our Generative AI Acceptable Use Policy.
        • Provide both strategic guidance and hands-on execution for GRC initiatives.
    • Cross-Functional Partnership
        • Partner with Engineering & Product, Corporate IT and Business Ops to embed security-by-design across the company.
        • Review new product capabilities and business initiatives to ensure alignment with security and privacy requirements.
    • Governance, Reporting & Program Ownership
        • Co-develop SCW’s GRC strategy with the CFO and General Counsel.
        • Drive the Information Security Committee: agendas, follow-ups, speakers, and cross-functional alignment.
        • Oversee incident response, business continuity, disaster recovery planning, and compliance.
        • Prepare and deliver reports to Senior Leadership, the Audit Committee, Board of Directors, and key investors.
    • Security Education, Awareness & Vendor Management
        • Lead internal security awareness training.
        • Manage vendor risk assessments from procurement through ongoing monitoring.
        • Own the assessment and completion of external security questionnaires.

What You'll Bring

    • 7–10+ years of relevant security, risk, or compliance experience in an Enterprise SaaS environment.
    • 5+ years directly in Security/GRC roles.
    • Experience in mid–late stage startups or scale-ups.
    • Hands-on involvement with SOC 2, ISO 27001, GDPR, NIST, or similar frameworks.
    • Experience working closely with Sales, Legal, and Product teams as a security technical understanding of cloud, application security, and modern infrastructure.
    • AI security and governance exposure, including LLM threat modeling, AI data privacy considerations, and modern AI attack surfaces.
    • Ability to communicate complex topics simply - to executives, engineers, and customers.
    • One or more relevant certifications preferred (CISM, CISSP, CISA, CRISC, ISO 27001 Lead Auditor/Implementer, etc.)
    • Highly Valued
        • AWS experience.
        • Ability to balance pragmatism with strong security practices.
        • Strong commercial awareness; able to support growth without compromising security.
        • Self-starter mindset with the ability to operate independently in a fast-paced environment.
        • A collaborative, supportive working style and willingness to help others succeed.
        • Growth mindset - confidence navigating a fast-moving AI and security landscape.

The Impact You'll Have

    • In your first 12 months, success looks like:
        • A modernized, scalable GRC strategy aligned with SCW’s AI-first product direction.
        • Strong customer trust demonstrated through faster deal cycles and smoother reviews.
        • A clear, company-wide security narrative communicated consistently across teams.
        • A security posture that supports innovation.
        • Well-governed vendor risk processes across the business.
        • Robust, consistent policies and training that help employees work securely.