Job Overview
Location
US, Remote
Job Type
Full-time
Category
HR & Recruiting
Date Posted
May 21, 2026
Full Job Description
đź“‹ Description
- • Lead, coach, and grow the Compliance team responsible for compliance operations, privacy, and third-party risk management across the organization.
- • Set strategic priorities and operating rhythms for the compliance function, balancing program maturity, customer support, audit readiness, and cross-functional execution.
- • Serve as the primary internal lead for compliance initiatives, including control mapping, evidence collection, audit coordination, and continuous improvement of the control environment.
- • Maintain and mature compliance posture against frameworks including SOC 2, ISO 27001, NIST AI RMF, ISO 42001, DORA, UK Cyber Essentials, FedRAMP, and NIST 800-53.
- • Oversee the organization’s data privacy program, ensuring adherence to GDPR, CCPA/CPRA, EU AI Act, and emerging U.S. state privacy laws.
- • Maintain Records of Processing Activities (RoPAs), manage Data Subject Access Requests (DSARs), and conduct Privacy Impact Assessments (PIAs).
- • Partner with Legal and Product teams to embed privacy-by-design, data minimization, and transparency practices into product development and business processes.
- • Own and manage the third-party risk management lifecycle, including vendor onboarding, periodic reassessments, contract and privacy reviews, and ongoing risk tracking.
- • Conduct security and privacy due diligence on new vendors and subprocessors supporting the NodeZeroTM SaaS platform.
- • Maintain a current inventory of all vendors, subprocessors, and associated risk assessments.
- • Serve as the primary point of contact for customer security questionnaires, RFPs, customer audits, and due diligence requests.
- • Leverage existing documentation—such as SOC 2 reports, pentest results, whitepapers, and Data Processing Agreements—to provide accurate, timely responses to customer and regulatory inquiries.
- • Support Sales, Customer Success, and Legal teams in accelerating deal velocity by strengthening trust in Horizon3.ai’s security and compliance posture.
- • Develop and deliver metrics, reporting, and risk narratives that communicate compliance posture, program trends, and organizational priorities to leadership.
- • Identify opportunities to improve processes, tooling, and documentation to enable scalable and efficient compliance and privacy operations.
- • Act as the primary owner for enterprise security risk, establishing and maturing the Risk Register to centralize and track all identified threats.
- • Manage the full risk lifecycle: detection, impact analysis, remediation tracking, and formal sign-off.
- • Implement a standardized risk scoring methodology using quantitative and qualitative metrics to drive objective prioritization across the organization.
- • Recruit, onboard, mentor, and retain high-performing compliance and privacy professionals.
- • Collaborate horizontally with Engineering, IT, Legal, HR, Product, Sales, and Customer Success to implement and validate control requirements across departments.
- • Demonstrate strong ownership, integrity, and commitment to process improvement and customer satisfaction.
- • Maintain hands-on involvement in compliance operations while providing strategic leadership to the team.
🎯 Requirements
- • Deep experience in Governance, Risk, and Compliance (GRC) within a B2B SaaS, cybersecurity, or similarly regulated technology environment
- • Deep understanding of compliance frameworks including SOC 2, ISO 27001, NIST AI RMF, DORA, and NIST 800-53, with experience leading annual audits
- • Expertise in GDPR, CCPA/CPRA, EU AI Act, and emerging U.S. state data privacy laws
- • Strong working knowledge of third-party risk management, vendor due diligence, and privacy/security review processes
- • Experience responding to security questionnaires, RFPs, customer audits, and due diligence requests
- • Knowledge of common SaaS infrastructure and business systems such as AWS, Okta, MDM, SIEM, and DLP
🏖️ Benefits
- • Base salary range of $149,850 - $185,000 annually, with equity package in the form of stock options
- • Health, vision, and dental insurance for employee and family
- • Flexible vacation policy
- • Generous parental leave
- • Inclusive team culture that values diversity, equity, and inclusion
- • Growth opportunities within a dynamic, high-growth cybersecurity company
Skills & Technologies
AWS
Remote
$149k-185k
Degree Required
About Horizon3.ai, Inc.
Horizon3.ai provides autonomous security testing and attack surface management software. Its NodeZero platform continuously assesses enterprise networks, clouds, and applications to find exploitable weaknesses, validate fixes, and prioritize risks. The company serves Fortune 500, government, and mid-market organizations seeking proactive defense without manual red teams.
Get more remote jobs like this
Subscribe to the weekly newsletter for similar remote roles and curated hiring updates.
Newsletter
Weekly remote jobs and featured talent.
No spam. Only curated remote roles and product updates. You can unsubscribe anytime.
Similar Opportunities
Germany
Contract
Expires Jul 7, 2026
Remote
24 days ago
