Jobs · Information Technology

Principal Security & Compliance Advisor, Outpost

Pliancy · United States · 1 mo ago
RemoteRemoteInformation Technology$150k–$180k/yrFull-time

About Outpost

Outpost Security is Pliancy’s security and compliance brand for organizations that need practical, expert-led guidance without the fear-mongering or obfuscation that too often comes with cybersecurity. Our thesis is simple: security should be comprehensive and comprehensible. We translate complex policies, controls, and systems into straightforward action plans that help clients understand what they need, how they are protected, and why it matters.

About the Role

This is a senior, client-facing role for someone who can operate as both a trusted advisor and a practical implementer. You’ll help clients make sense of security, compliance, and AI risk decisions, translate business objectives into action plans, and guide the work required to improve their security posture while using emerging technologies responsibly. You’ll also work closely with the Managing Director of Outpost to shape how Outpost delivers services, packages its offerings, documents its playbooks, and scales over time. This is far more than a narrow compliance checklist role, and it is not a behind-the-scenes engineering-only role. The right person will care deeply about documentation, but even more about helping clients reach their business objectives and delivering an exceptional client experience along the way. You should be comfortable with ambiguity, energized by building something new, and excited to help define the operating model for an important and growing part of Pliancy.

Responsibilities

  • Serve as a senior security and compliance advisor for Outpost clients, with an emphasis on finance firms, including VC, PE, hedge funds, family offices, both ERAs and RIAs, and other investment firms, as well as select technology and biotech startups.
  • Lead consultative client conversations around governance, risk, controls, compliance readiness, secure AI adoption, security roadmaps, vendor selection, audit preparation, DDQs, cybersecurity insurance, incident preparedness, and operational workflows.
  • Translate client business objectives into practical security and compliance action plans that are clear, prioritized, and realistic.
  • Help clients understand, evaluate, and securely adopt AI tools, including usage policies, data handling expectations, vendor risk considerations, access controls, employee guidance, and practical governance models.
  • Help design, document, and continuously improve Outpost’s service delivery playbooks, templates, project plans, assessment methods, and client-facing deliverables.
  • Deliver leadership-level roadmapping and project ownership across ongoing client engagements.
  • Support clients working toward or maintaining compliance with frameworks and requirements such as SOC 2, ISO 27001, NIST CSF, CIS Controls, CCPA, GDPR, HIPAA-adjacent requirements, and other relevant security or privacy obligations.
  • Assess and improve client processes such as onboarding, offboarding, access reviews, vendor risk management, business continuity, disaster recovery, incident response, policy management, and control monitoring.
  • Advise on and help implement systems and tools across categories such as compliance automation, identity and access management, endpoint security, MDR, SIEM, vulnerability management, MDM, backup and recovery, AI productivity platforms, and security awareness.
  • Partner with Pliancy teams to connect security and compliance recommendations to the underlying IT systems, workflows, and support model required to make them stick.
  • Create high-quality internal and client-facing documentation that improves clarity, repeatability, and client experience.
  • Share market observations, client feedback, recurring pain points, and delivery lessons with Outpost leadership to help productize the offering.
  • Help shape future hiring, operating processes, and service standards as Outpost grows.

Requirements

  • 5+ years of experience in security, compliance, GRC, vCISO, security consulting, advisory, MSP/MSSP, or a comparable client-facing security role.
  • Strong working knowledge of security and compliance domains such as governance, risk management, control assessments, access controls, audit readiness, vendor risk, incident response, vulnerability management, business continuity, and data protection.
  • Experience advising executives or senior operators on security and compliance decisions.
  • Experience translating frameworks, audit requirements, regulatory expectations, or emerging technology risks into practical workstreams.
  • Familiarity with frameworks and standards such as ISO 27001, NIST CSF, NIST 800-53, CIS Controls, CCPA, GDPR, and HIPAA.
  • Comfort working with finance, investment management, venture capital, private equity, hedge fund, family office, startup, technology, or biotech clients.
  • Comfort advising clients on responsible AI usage, including secure adoption, acceptable use, data protection, vendor review, employee enablement, and business-process implications.
  • Ability to communicate clearly with both technical and non-technical audiences.
  • Strong client-service instincts, including follow-up, follow-through, responsiveness, expectation-setting, and good judgment under pressure.
  • Ability and willingness to properly document processes, decisions, risks, controls, assets, and recommendations.
  • A practical understanding of common security tooling categories, including IAM, MDM, EDR/XDR, MDR, SIEM, vulnerability management, backup and recovery, compliance automation, and security awareness platforms.
  • A practical understanding of how AI tools are being adopted inside modern businesses, including common risks around sensitive data, access, vendor terms, employee usage, workflow design, and governance.
  • Demonstrated ability to learn new technologies, client environments, and business contexts quickly.
  • A sense of ownership and pride in your work.
  • A team-centric mentality, with a focus on collaboration, communication, documentation, improving processes, and succeeding together.
  • Authorization to work in the United States for any employer.

Physical & Work Environment

This is a fully remote, US-based role. Most work will be performed from a home office or remote workspace, using a computer and standard office equipment for prolonged periods. The role may involve very occasional travel for team meetings, client workshops, conferences, or strategically important onsite engagements. Because Outpost supports clients across multiple time zones (EST to PST), you should be comfortable working with a distributed team and adjusting your schedule as client needs require.

Similar jobs

Principal Security Consultant

Kratos Defense and Security SolutionsHerndon, VA· 1 wk ago
Information Technologyapply on kratosdefense.submit4jobs.com