Principal Security & Compliance Advisor, Outpost

This is a fully remote position, open to applicants in United States.

📋 Description

• Act as a senior security and compliance consultant for Outpost clients, focusing on financial firms, including venture capital, private equity, hedge funds, family offices, both ERAs and RIAs, and various investment firms, as well as selected technology and biotech startups.

• Facilitate consultative discussions with clients regarding governance, risk management, compliance readiness, secure AI adoption, security planning, vendor selection, audit preparation, due diligence questionnaires (DDQs), cybersecurity insurance, incident readiness, and operational workflows.

• Convert client business objectives into actionable security and compliance strategies that are transparent, prioritized, and feasible.

• Assist clients in understanding, evaluating, and securely implementing AI tools, encompassing usage policies, data handling expectations, vendor risk considerations, access controls, employee guidance, and practical governance frameworks.

• Contribute to the design, documentation, and continuous enhancement of Outpost’s service delivery playbooks, templates, project plans, assessment methodologies, and client-facing outputs.

• Provide leadership-level strategic planning and project management throughout ongoing client engagements.

• Support clients in achieving or maintaining compliance with various frameworks and requirements, including SOC 2, ISO 27001, NIST CSF, CIS Controls, CCPA, GDPR, HIPAA-adjacent requirements, and other pertinent security or privacy obligations.

• Evaluate and enhance client processes such as onboarding, offboarding, access reviews, vendor risk management, business continuity, disaster recovery, incident response, policy management, and control monitoring.

• Counsel on and assist in the implementation of systems and tools in areas such as compliance automation, identity and access management, endpoint security, MDR, SIEM, vulnerability management, MDM, backup and recovery, AI productivity platforms, and security awareness.

• Collaborate with Pliancy teams to align security and compliance recommendations with the necessary IT systems, workflows, and support models to ensure effective implementation.

• Produce high-quality internal and client-facing documentation that enhances clarity, repeatability, and overall client experience.

• Share market insights, client feedback, recurring challenges, and delivery lessons with Outpost leadership to assist in productizing the service offering.

• Contribute to shaping future hiring, operational processes, and service standards as Outpost expands.

⛳️ Requirements

• Over 5 years of experience in security, compliance, GRC, vCISO, security consulting, advisory roles, MSP/MSSP, or a similar client-facing security position.

• Robust understanding of security and compliance areas such as governance, risk management, control assessments, access controls, audit readiness, vendor risk, incident response, vulnerability management, business continuity, and data protection.

• Experience providing guidance to executives or senior operators on security and compliance matters.

• Proven capability in translating frameworks, audit requirements, regulatory expectations, or emerging technology risks into actionable workstreams.

• Familiarity with frameworks and standards including ISO 27001, NIST CSF, NIST 800-53, CIS Controls, CCPA, GDPR, and HIPAA.

• Comfortable working with clients in finance, investment management, venture capital, private equity, hedge funds, family offices, startups, technology, or biotech sectors.

• Proficient in advising clients on responsible AI usage, including secure adoption, acceptable use, data protection, vendor evaluation, employee empowerment, and business-process implications.

• Ability to communicate effectively with both technical and non-technical audiences.

• Strong client-service instincts, including follow-up, attentiveness, responsiveness, expectation management, and sound judgment under pressure.

• Capability and willingness to thoroughly document processes, decisions, risks, controls, assets, and recommendations.

• Practical understanding of common security tool categories, including IAM, MDM, EDR/XDR, MDR, SIEM, vulnerability management, backup and recovery, compliance automation, and security awareness platforms.

• Practical knowledge of how AI tools are integrated into modern businesses, including common risks associated with sensitive data, access, vendor agreements, employee utilization, workflow design, and governance.

• Proven ability to quickly learn new technologies, client environments, and business contexts.

• A sense of ownership and pride in your work.

• A collaborative mindset, emphasizing teamwork, communication, documentation, process enhancement, and collective success.

• Authorization to work in the United States for any employer.

🏝️ Benefits

• Healthcare: Premiums for our base-level healthcare plan are fully covered for employees and partially covered for dependents, with options to upgrade and additional dental and vision plans available.

• A company-funded HRA account to assist with medical copays, deductibles, and coinsurance.

• 401(k) matching to support your long-term financial planning.

• Unlimited paid time off (PTO).

• Paid leave for new parents, including those who adopt, to assist with family growth.

• Employee stock options, allowing you to partake in Pliancy’s success.