Sr. Manager, Security, Risk & Compliance

  • Company Secure Code Warrior
  • Employment Full-time
  • Location 🇺🇸 United States nationwide
  • Submitted Posted 1 day ago - Updated 1 hour ago

Joining our Security, Risk & Compliance team means you’ll sit at the intersection of product, engineering, AI innovation, customer trust, and company growth. You’ll influence how a global SaaS business manages risk, builds securely, and communicates its security posture to some of the biggest companies in the world.


This is a high-impact, highly visible role reporting directly to the General Counsel. You will serve as a senior member of SCW’s security function and a company thought leader across Security, Compliance, Risk, and AI Governance.


You’ll shape our evolving GRC strategy together with security functions in Product & Engineering and corporate IT, and be a partner for Legal and Sales, serving as a trusted, customer-facing voice for our enterprise clients.


If you thrive in a scale-up environment where Cyber Security is a CEO-sponsored priority, enjoy building structure without bureaucracy, and want to influence how a next-generation SaaS company approaches modern security (including AI-specific risks), this role was built for you.


What You'll Do

Ensure Customer Trust
  • Customers trust their data on our systems. Your #1 priority is ensuring customers continue to trust SCW’s systems, product and risk frameworks.
  • Ensure Sales Engineering can execute enterprise customer security reviews and DPAs, and complete RFPs and security diligence, quickly and efficiently.
  • Work closely with Legal, Sales and Revenue in the customer onboarding process to translate complex security requirements into clear, customer-friendly language.
  • Maintain SCW Trust Centre and our Helpdesk security pages (https://help.securecodewarrior.com/hc/en-us/categories/360001983011-General-FAQs-more).
  • Participate in customer cyber conversations and represent SCW’s security posture with credibility and clarity.
Lead Security, Risk, Compliance & AI Governance 
  • Lead security compliance activities across frameworks such as SOC 2, ISO 27001, ISO 42001, EU regulations (GDPR, CRA, NIS2), AI-specific regulations, and other evolving global standards.
  • Participate in SCW’s evolving Data (AI) Governance program, including safe AI use, data governance rules, and updating our Generative AI Acceptable Use Policy.
  • Provide both strategic guidance and hands-on execution for GRC initiatives.
Cross-Functional Partnership
  • Partner with Engineering & Product, Corporate IT and Business Ops to embed security-by-design across the company.
  • Review new product capabilities and business initiatives to ensure alignment with security and privacy requirements.
Governance, Reporting & Program Ownership
  • Co-develop SCW’s GRC strategy with the CFO and General Counsel.
  • Drive the Information Security Committee: agendas, follow-ups, speakers, and cross-functional alignment.
  • Oversee incident response, business continuity, disaster recovery planning, and compliance.
  • Prepare and deliver reports to Senior Leadership, the Audit Committee, Board of Directors, and key investors.
Security Education, Awareness & Vendor Management
  • Lead internal security awareness training.
  • Manage vendor risk assessments from procurement through ongoing monitoring.
  • Own the assessment and completion of external security questionnaires.


What You'll Bring
  • 7–10+ years of relevant security, risk, or compliance experience in an Enterprise SaaS environment.
  • 5+ years directly in Security/GRC roles.
  • Experience in mid–late stage startups or scale-ups.
  • Hands-on involvement with SOC 2, ISO 27001, GDPR, NIST, or similar frameworks.
  • Experience working closely with Sales, Legal, and Product teams as a security SME.
  • Strong technical understanding of cloud, application security, and modern infrastructure.
  • AI security and governance exposure, including LLM threat modeling, AI data privacy considerations, and modern AI attack surfaces.
  • Ability to communicate complex topics simply - to executives, engineers, and customers.
  • One or more relevant certifications preferred (CISM, CISSP, CISA, CRISC, ISO 27001 Lead Auditor/Implementer, etc.)
Highly Valued
  • AWS experience.
  • Ability to balance pragmatism with strong security practices.
  • Strong commercial awareness; able to support growth without compromising security.
  • Self-starter mindset with the ability to operate independently in a fast-paced environment.
  • A collaborative, supportive working style and willingness to help others succeed.
  • Growth mindset - confidence navigating a fast-moving AI and security landscape.


The Impact You'll Have
In your first 12 months, success looks like:
  • A modernized, scalable GRC strategy aligned with SCW’s AI-first product direction.
  • Strong customer trust demonstrated through faster deal cycles and smoother reviews.
  • A clear, company-wide security narrative communicated consistently across teams.
  • A security posture that supports innovation.
  • Well-governed vendor risk processes across the business.
  • Robust, consistent policies and training that help employees work securely.

