Deepreach.ai

Senior Security & Compliance Manager

United States / Posted

About the Company



DeepReach is building the next-generation data infrastructure for robotics. We help customers collect, process, manage, and improve large-scale robotics data for real-world AI and deployment workflows. As we begin supporting enterprise customers and handling more sensitive customer data, security and compliance are becoming a core part of how we operate. Our infrastructure is primarily built on AWS, and we are preparing for SOC 2 and ISO 27001 with Drata as our compliance platform. We also expect to support deployments in customer-controlled environments, including customer VPCs.



About the Role



As a Senior Security & Compliance Manager (Contract), you will own the day-to-day execution of our security compliance program and help prepare the company for SOC 2 and ISO 27001 readiness and audit execution. This is a hands-on role for someone who has done this before in a cloud-based startup environment and knows how to turn an incomplete, fast-moving technical organization into an audit-ready one. You should be comfortable working inside tools like Drata, coordinating with auditors and internal stakeholders, organizing evidence, drafting and improving policies, and partnering with engineering to close control gaps. You do not need to be the person implementing every AWS or infrastructure change yourself, but you should be able to understand cloud architecture and work effectively with technical teams to identify issues, request evidence, and drive remediation. This role will start as a contract position billed hourly, with the potential to convert to a full-time role if there is a strong long-term fit.



Responsibilities



  • Own day-to-day preparation for SOC 2 and ISO 27001, including project planning, evidence collection, follow-ups, and audit coordination
  • Operate and maintain our compliance program in Drata
  • Work with the CTO and engineering team to define, document, and improve security controls across the company
  • Draft, refine, and maintain security and compliance documentation, including policies, procedures, control narratives, and supporting artifacts
  • Coordinate internal readiness efforts across access control, logging, asset inventory, vendor management, incident response, change management, backup practices, and related security domains
  • Help identify control gaps and drive remediation work to completion
  • Collect, review, and organize audit evidence in a way that is clear, complete, and auditor-friendly
  • Manage relationships with external auditors and help the company stay on track through readiness and certification timelines
  • Support recurring compliance operations such as access reviews, policy reviews, risk assessments, training records, and control testing
  • Work with technical stakeholders to understand infrastructure and deployment patterns, including AWS-based systems and customer VPC deployment requirements
  • Help improve the company’s overall security and compliance maturity in a pragmatic, startup-friendly way



Qualifications



Proven experience leading or materially owning SOC 2 and/or ISO 27001 readiness and audit execution.



Required Skills



  • Strong experience in security compliance, GRC, audit readiness, or security program operations in a startup or high-growth technology company
  • Experience using Drata is strongly preferred; equivalent experience with platforms such as Vanta or Secureframe is also acceptable
  • Ability to independently manage moving pieces across policy work, evidence collection, audit coordination, and control follow-through
  • Working knowledge of cloud infrastructure and security concepts, especially in AWS environments
  • Ability to understand technical configurations and collaborate effectively with engineering, even if you are not the primary implementer
  • Strong written communication skills and ability to produce clear, organized documentation
  • Strong project management instincts and ability to keep cross-functional efforts moving
  • High ownership mindset and comfort operating in an early-stage, fast-changing company



Preferred Skills



  • You have helped a startup successfully complete SOC 2 and/or ISO 27001
  • You have worked closely with engineering teams on cloud security and compliance controls
  • You can look at AWS-related evidence or configurations and understand what matters, what is missing, and what needs follow-up
  • You know how to keep auditors, founders, and technical teams aligned without creating unnecessary process overhead
  • You are practical, organized, and able to turn ambiguity into a concrete compliance workstream



Pay range and compensation package



This role will start as a contractor engagement billed by time, with the possibility of converting to a full-time role later if there is a strong mutual fit.



Equal Opportunity Statement



We conduct regular resume screening for applications from both channels simultaneously. If your profile passes the initial review, our team will send an interview invitation via email for further communication. After shortlisting, we will match your background to the suitable track: Computer Vision / VLA / ML Infrastructure, and share the full role details accordingly.



How to Apply



You may apply in two optional ways:



  • Directly submit your resume by applying to this position on the current job platform;
  • Visit our official website talex.ai to find and submit your application for the corresponding combined role.