Linear22 дня назад
Compliance & Trust Lead
Полная занятостьУдалёнка
Обязанности
- 01Operate and extend Linear's compliance program end-to-end — maintain and mature our SOC 2 Type II, ISO 27001, and other relevant certifications (roadmap: ISO 27701, ISO 42001) while keeping audit overhead low and evidence collection as automated as possible
- 02Be the primary point of contact for security questionnaires, customer trust reviews, and enterprise procurement conversations — turn what's often a bottleneck into a competitive advantage
- 03Run our risk management program — identify emerging risks across the product, infrastructure, and vendor landscape, drive remediation with the right owners, and surface clear signal to leadership
- 04Partner closely with engineering to embed compliance controls into how we build — shape policy and tooling so security requirements land early in the development process, not as a retrofit
- 05Manage our third-party risk program — evaluate vendors and subprocessors, maintain our inventory, and ensure our supply chain meets the bar we hold ourselves to on both security and privacy
- 06Help scale the GRC function with automation — reduce manual toil, build durable processes, and ensure the program grows with the business without linearly growing headcount
Требования
- 01A seasoned GRC practitioner — you have 7+ years in compliance and customer trust, ideally in a B2B SaaS or developer tools environment, and you've seen enough audit cycles to know where the sharp edges are
- 02Framework-fluent and privacy-aware — you have deep hands-on experience with SOC 2 and ISO 27001, understand how privacy regulations like GDPR and CCPA intersect with security controls, and can reason about new frameworks from first principles
- 03A builder, not just an operator — you see manual compliance work as a problem to be designed away, default to scalable processes over manual workflows, have used tools like Vanta, Drata, or similar platforms to do it
- 04A trusted partner, internally and externally — you work fluidly with engineering, legal, and customers alike; you can explain a control design to a skeptical customer, draft a crisp policy, and write a risk summary leadership will actually read
- 05Autonomy-oriented — you're comfortable operating with significant independence, setting your own priorities, and knowing when to loop in leadership, without needing to be managed closely
- 06Pragmatic over procedural — you optimize for reducing real risk, not checking boxes, and you know the difference
Условия
- 01Competitive salary and equity
- 02Employee-friendly equity terms including early exercise in the US and extended exercise windows
- 03Daily meal and coffee stipend on every workday
- 04Paid co-working space or desk
- 05Health coverage (based on country requirements)
- 065 weeks paid vacation, plus local statutory holidays
- 074 months paid parental leave
- 08Paid month off after 4 years & every 2 years thereafter
- 09Regular team events and off-sites
- 10Remote-first with no required commute