Chief Compliance Architect

4 days ago

Itu, Brazil Bebeecompliance Full-time

Job Description

We are seeking a highly skilled Compliance Specialist to lead our client's SOC 2 compliance efforts. The ideal candidate will have expertise in SaaS environments and proficiency in using compliance management platforms, preferably Vanta. This role requires strong coding fundamentals, system design capability, and the mindset of a builder who thrives in a startup environment. You will work in small agile teams reporting directly to the CTO, collaborating closely with AI engineers, security leaders, and product managers. Together you will build and deliver AI-native services at startup speed.

Our client is building an AI-centric operating system for utilities. It harnesses AI at the enterprise level to better orchestrate customer delight, facilitate power optimization, enhance grid health, and unlock flexibility at scale. Funded by a strategic industry partner, the client is poised to transform how utilities run and how customers experience energy.

Responsibilities

SOC 2 Compliance Management: Lead the end-to-end process for achieving and maintaining SOC 2 compliance, including scoping, evidence collection, control implementation, and audit preparation using Vanta's platform.

Vanta Platform Utilization: Leverage Vanta's AI and automation tools to streamline compliance workflows, monitor controls, and manage vendor risk assessments.

Continuous Monitoring: Implement and oversee continuous monitoring processes to ensure ongoing adherence to SOC 2 requirements and other relevant frameworks (e.g., ISO *****, GDPR).

Policy Development: Develop, update, and maintain security and compliance policies, procedures, and documentation within Vanta's centralized platform.

Vendor Risk Management: Use Vanta's Vendor Risk Management (VRM) solution to assess and monitor third-party vendors, ensuring compliance with security standards.

Audit Support: Collaborate with external auditors to facilitate smooth and efficient SOC 2 audits, using Vanta's tools to provide real-time evidence and reporting.

Cross-Functional Collaboration: Work closely with engineering, IT, and product teams to integrate compliance requirements into SaaS product development and operations.

Training and Awareness: Conduct training sessions for employees on SOC 2 compliance requirements and best practices for maintaining a secure SaaS environment.

Reporting and Metrics: Use Vanta's reporting features to track compliance metrics, generate reports, and communicate the company's security posture to internal stakeholders and external clients.

Stay Updated: Keep abreast of evolving compliance frameworks, security standards, and Vanta platform updates to ensure alignment with industry best practices.

Required Skills and Qualifications

Excellent English communication skills are essential for this role.

A minimum of 3 years of experience in compliance, information security, or risk management with a focus on SOC 2 compliance in a SaaS environment is required.

Hands-on experience with Vanta or similar compliance automation platforms is necessary.

The ideal candidate will have a proven track record of successfully managing SOC 2 audits and implementing controls.

A strong understanding of SaaS architecture, cloud security, and data privacy principles is required.

Familiarity with compliance frameworks such as SOC 2, ISO *****, HIPAA, GDPR, or NIST CSF is also essential.

Excellent project management and organizational skills to manage complex compliance initiatives are necessary.

Strong communication skills to liaise with technical teams, auditors, and leadership are required.

A detail-oriented, proactive approach to problem-solving and process improvement is essential.

Benefits

As a Compliance Specialist, you will have the opportunity to work with a cutting-edge technology company that is transforming the utilities industry. You will be part of a dynamic team that values innovation, collaboration, and continuous learning. Our company offers a competitive salary and benefits package, including comprehensive health insurance, a retirement plan, and paid time off.

Others

Relevant certifications, e.g., CISA, CISSP, CRISC, or SOC 2-specific training, are desirable.

Familiarity with Vanta's AI Agent and other advanced features for GRC automation is also beneficial.

Experience working with startups, mid-market, or enterprise organizations in a SaaS environment is preferred.

Experience working on ERP systems or within the power utilities industry is also desirable.