Jobs · Information Technology · California

Security & Compliance Operations Manager

Mintlify · San Francisco, CA · 2 days ago
On-siteInformation Technology$120k–$180k/yrFull-time

The Role

We're hiring our first dedicated GRC Program Manager to own the security & compliance program that our enterprise business runs on: SOC 2 Type II, ISO 27001, ISO 42001, GDPR, and Microsoft SSPA. The program exists and is well-documented — audits are mid-flight, the vCISO and auditors are engaged, the platform (Drata) is deployed. What it needs is a single accountable operator.

What You'll Do

  • Run five compliance programs end-to-end — own the audit calendar, evidence collection, remediation tracking, and auditor relationships (Sensiba for SOC 2/ISO; A-LIGN for Microsoft SSPA)
  • Administer Drata — keep monitors green, assign and validate evidence, manage policies and the trust center
  • Own the vendor bench — drive the weekly Rhymetec vCISO engagement, manage renewals and contracts across the security/compliance vendor portfolio
  • Run the standing processes — security questionnaire escalation, inbound vendor security reviews, bug bounty coordination (triage, researcher comms, payouts), trainings and access-review cadences
  • Be the customer-facing compliance voice — trust center, DPAs, subprocessor list, and enterprise security requirements (Microsoft, Coinbase, Okta-style programs)
  • Clockwork coordination — route technical work to Engineering DRIs with clear asks, and keep leadership out of the coordination loop

What We're Looking For

  • 3+ years in GRC / compliance program management / security operations with direct audit ownership
  • Hands-on compliance-platform administration (Drata, Vanta, or similar)
  • Vendor and auditor relationship management as the accountable owner
  • Meticulous follow-through — in this job, a dropped thread is an audit finding
  • Bias toward automation and pushing work to tests/vendors rather than doing it manually forever

Bonus Points

  • ISO 42001 / AI governance exposure
  • GDPR operations (DSARs, RoPA, consent tooling)
  • Early-stage startup experience as a sole compliance owner

Company Benefits

  • Competitive compensation and equity
  • 20 days paid time off every year
  • 401k or RRSP
  • $420/month wellness stipend
  • 100% coverage for Health, dental, vision
  • Free Ubers to and from work
  • Free lunch and dinners
  • Annual team offsite (previously went to Alaska, Hawaii)

Compensation Range

$120K - $180K

Similar jobs

Operations Manager

Allied UniversalMenomonee Falls, WI· 1 wk ago
Managementapply on diversifiedm-aus.icims.com

Operations Manager

Morgan Advanced MaterialsElkhart, IN· 1 mo ago
Managementapply on careers-morganplc.icims.com

Operations Manager

BrightView LandscapesBluffton, SC· 1 mo ago
Managementapply on brightviewcareers.com

OPERATIONS MANAGER

City Electric SupplyRockville, MD· 3 mo ago
Managementapply on paycomonline.net