Sr. Manager, Security, Risk & Compliance

Secure Code Warrior

Compliance / Regulatory
United States
Posted on Nov 23, 2025
Joining our Security, Risk & Compliance team means you’ll sit at the intersection of product, engineering, AI innovation, customer trust, and company growth. You’ll influence how a global SaaS business manages risk, builds securely, and communicates its security posture to some of the biggest companies in the world.
This is a high-impact, highly visible role reporting directly to the General Counsel. You will serve as a senior member of SCW’s security function and a company thought leader across Security, Compliance, Risk, and AI Governance.
You’ll shape our evolving GRC strategy together with the security functions in Product & Engineering and corporate IT, and partner with Legal and Sales, serving as a trusted, customer-facing voice for our enterprise clients.
If you thrive in a scale-up environment where Cyber Security is a CEO-sponsored priority, enjoy building structure without bureaucracy, and want to influence how a next-generation SaaS company approaches modern security (including AI-specific risks), this role was built for you.

What You'll Do

    Ensure Customer Trust
  • Customers trust their data on our systems. Your #1 priority is ensuring customers continue to trust SCW’s systems, product and risk frameworks.
  • Ensure Sales Engineering can execute enterprise customer security reviews and DPAs, and complete RFPs and security diligence, quickly and efficiently.
  • Work closely with Legal, Sales and Revenue in the customer onboarding process to translate complex security requirements into clear, customer-friendly language.
  • Maintain SCW Trust Centre and our Helpdesk security pages (https://help.securecodewarrior.com/hc/en-us/categories/360001983011-General-FAQs-more).
  • Participate in customer cyber conversations and represent SCW’s security posture with credibility and clarity.

    Lead Security, Risk, Compliance & AI Governance
  • Lead security compliance activities across frameworks such as SOC 2, ISO 27001, ISO 42001, EU regulations (GDPR, CRA, NIS2), AI-specific regulations, and other evolving global standards.
  • Participate in SCW’s evolving Data (AI) Governance program, including safe AI use, data governance rules, and updating our Generative AI Acceptable Use Policy.
  • Provide both strategic guidance and hands-on execution for GRC initiatives.

    Cross-Functional Partnership
  • Partner with Engineering & Product, Corporate IT and Business Ops to embed security-by-design across the company.
  • Review new product capabilities and business initiatives to ensure alignment with security and privacy requirements.

    Governance, Reporting & Program Ownership
  • Co-develop SCW’s GRC strategy with the CFO and General Counsel.
  • Drive the Information Security Committee: agendas, follow-ups, speakers, and cross-functional alignment.
  • Oversee incident response, business continuity, disaster recovery planning, and compliance.
  • Prepare and deliver reports to Senior Leadership, the Audit Committee, Board of Directors, and key investors.

    Security Education, Awareness & Vendor Management
  • Lead internal security awareness training.
  • Manage vendor risk assessments from procurement through ongoing monitoring.
  • Own the assessment and completion of external security questionnaires.

What You'll Bring

  • 7–10+ years of relevant security, risk, or compliance experience in an Enterprise SaaS environment.
  • 5+ years directly in Security/GRC roles.
  • Experience in mid–late stage startups or scale-ups.
  • Hands-on involvement with SOC 2, ISO 27001, GDPR, NIST, or similar frameworks.
  • Experience working closely with Sales, Legal, and Product teams as a security SME.
  • Strong technical understanding of cloud, application security, and modern infrastructure.
  • AI security and governance exposure, including LLM threat modeling, AI data privacy considerations, and modern AI attack surfaces.
  • Ability to communicate complex topics simply - to executives, engineers, and customers.
  • One or more relevant certifications preferred (CISM, CISSP, CISA, CRISC, ISO 27001 Lead Auditor/Implementer, etc.)

    Highly Valued
  • AWS experience.
  • Ability to balance pragmatism with strong security practices.
  • Strong commercial awareness; able to support growth without compromising security.
  • Self-starter mindset with the ability to operate independently in a fast-paced environment.
  • A collaborative, supportive working style and willingness to help others succeed.
  • Growth mindset - confidence navigating a fast-moving AI and security landscape.

The Impact You'll Have

    In your first 12 months, success looks like:
  • A modernized, scalable GRC strategy aligned with SCW’s AI-first product direction.
  • Strong customer trust demonstrated through faster deal cycles and smoother reviews.
  • A clear, company-wide security narrative communicated consistently across teams.
  • A security posture that supports innovation.
  • Well-governed vendor risk processes across the business.
  • Robust, consistent policies and training that help employees work securely.