Linear22 дня назад

Compliance & Trust Lead

Полная занятостьУдалёнка

Обязанности

  • 01Operate and extend Linear's compliance program end-to-end — maintain and mature our SOC 2 Type II, ISO 27001, and other relevant certifications (roadmap: ISO 27701, ISO 42001) while keeping audit overhead low and evidence collection as automated as possible
  • 02Be the primary point of contact for security questionnaires, customer trust reviews, and enterprise procurement conversations — turn what's often a bottleneck into a competitive advantage
  • 03Run our risk management program — identify emerging risks across the product, infrastructure, and vendor landscape, drive remediation with the right owners, and surface clear signal to leadership
  • 04Partner closely with engineering to embed compliance controls into how we build — shape policy and tooling so security requirements land early in the development process, not as a retrofit
  • 05Manage our third-party risk program — evaluate vendors and subprocessors, maintain our inventory, and ensure our supply chain meets the bar we hold ourselves to on both security and privacy
  • 06Help scale the GRC function with automation — reduce manual toil, build durable processes, and ensure the program grows with the business without linearly growing headcount

Требования

  • 01A seasoned GRC practitioner — you have 7+ years in compliance and customer trust, ideally in a B2B SaaS or developer tools environment, and you've seen enough audit cycles to know where the sharp edges are
  • 02Framework-fluent and privacy-aware — you have deep hands-on experience with SOC 2 and ISO 27001, understand how privacy regulations like GDPR and CCPA intersect with security controls, and can reason about new frameworks from first principles
  • 03A builder, not just an operator — you see manual compliance work as a problem to be designed away, default to scalable processes over manual workflows, have used tools like Vanta, Drata, or similar platforms to do it
  • 04A trusted partner, internally and externally — you work fluidly with engineering, legal, and customers alike; you can explain a control design to a skeptical customer, draft a crisp policy, and write a risk summary leadership will actually read
  • 05Autonomy-oriented — you're comfortable operating with significant independence, setting your own priorities, and knowing when to loop in leadership, without needing to be managed closely
  • 06Pragmatic over procedural — you optimize for reducing real risk, not checking boxes, and you know the difference

Условия

  • 01Competitive salary and equity
  • 02Employee-friendly equity terms including early exercise in the US and extended exercise windows
  • 03Daily meal and coffee stipend on every workday
  • 04Paid co-working space or desk
  • 05Health coverage (based on country requirements)
  • 065 weeks paid vacation, plus local statutory holidays
  • 074 months paid parental leave
  • 08Paid month off after 4 years & every 2 years thereafter
  • 09Regular team events and off-sites
  • 10Remote-first with no required commute