WRITER Logo

Security Specialist GRC

🇬🇧 United Kingdom - Remote
🔒 Cybersecurity🔵 Mid-level

Job Description

🚀 About WRITER

WRITER is where the world’s leading enterprises orchestrate AI-powered work. Our vision is to expand human capacity through superintelligence. And we’re proving it’s possible – through powerful, trustworthy AI that unites IT and business teams together to unlock enterprise-wide transformation. With WRITER’s end-to-end platform, hundreds of companies like Mars, Marriott, Uber, and Vanguard are building and deploying AI agents that are grounded in their company’s data and fueled by WRITER’s enterprise-grade LLMs. Valued at $1.9B and backed by industry-leading investors including Premji Invest, Radical Ventures, and ICONIQ Growth, WRITER is rapidly cementing its position as the leader in enterprise generative AI.

Founded in 2020 with office hubs in San Francisco, New York City, Austin, Chicago, and London, our team thinks big and moves fast, and we’re looking for smart, hardworking builders and scalers to join us on our journey to create a better future of work with AI.

📐 About the role

This is your chance to shape AI governance from the ground up at one of the fastest-growing companies in enterprise AI. As a security specialist, GRC at WRITER, you’ll be building the frameworks that ensure our AI platform earns and keeps the trust of the world’s most demanding enterprises. You’re not just checking boxes—you’re creating the compliance infrastructure that enables WRITER to scale safely and securely while moving at the speed of innovation.

The opportunity here is extraordinary: you’ll work at the intersection of AI, security, and business enablement, helping define what governance looks like for enterprise AI systems that didn’t exist a few years ago. You’ll lead audit engagements for SOC 2, ISO 27001, and other critical certifications, respond to customer security assessments that directly impact major deals, and build the policies and controls that protect both our AI models and the sensitive data flowing through them. You’ll translate complex regulatory requirements into practical, business-aligned security controls while partnering with Engineering, Legal, Product, and Sales to ensure WRITER can sell into highly regulated industries without compromising our velocity.

This role can be remote within the US or hybrid from our San Francisco or New York City offices, reporting to the head of security.

🦸🏻‍♀️ What you’ll do

  • Own and drive WRITER’s security compliance program end-to-end including managing SOC 2 Type II audits, ISO Triad (27001/27701/42001) certification, and expanding our compliance coverage to meet emerging customer requirements in regulated industries like financial services and healthcare

  • Lead customer assurance efforts by responding to security questionnaires, DDQs, and RFPs from enterprise customers, maintaining our trust portal with up-to-date security documentation, and partnering with Sales to remove security blockers that could delay major deals

  • Build and maintain WRITER’s security governance framework including creating and updating security policies, access control standards, vendor risk procedures, incident response plans, and AI-specific governance documentation that addresses model training, data handling, and responsible AI deployment

  • Conduct continuous control monitoring and evidence collection by implementing automated compliance workflows, tracking remediation activities across teams, performing control testing, and ensuring we maintain audit-ready documentation throughout the year instead of scrambling before audits

  • Drive risk assessments and third-party vendor security reviews by evaluating supplier controls, identifying and quantifying security risks across our AI platform and infrastructure, and working cross-functionally to prioritize and track remediation efforts

  • Partner with Engineering and Product teams to embed compliance into the development lifecycle by reviewing architecture decisions for security and privacy implications, ensuring secure-by-design principles are followed for new AI features, and translating regulatory requirements into technical controls that developers can actually implement

  • Serve as the primary point of contact for external auditors and assessors, coordinating evidence collection, scheduling interviews, addressing findings, and ensuring audit processes run smoothly while minimizing disruption to the broader team

⭐️ What you need

  • 2+ years of hands-on experience in GRC, security compliance, or audit roles within fast-paced tech companies or startups—you understand how to build compliance programs that enable growth rather than slow it down

  • Deep working knowledge of security frameworks and certifications including SOC 2 Type II, ISO 27001, GDPR, CCPA, and familiarity with emerging AI governance requirements—you’ve led audits from planning through certification and can speak confidently about control requirements

  • Strong technical literacy that allows you to evaluate cloud security architectures, understand API security, review access control implementations, and have credible conversations with engineers about security controls—you don’t need to write code but you need to understand how systems work

  • Excellent project management abilities with the skill to juggle multiple audits, customer questionnaires, policy updates, and remediation initiatives simultaneously while keeping stakeholders informed and projects moving forward without constant oversight

  • Outstanding communication skills that enable you to explain complex compliance requirements in clear, actionable language to technical and non-technical audiences alike—you can craft policies that engineers will actually follow and present risk scenarios that executives will understand

  • Natural curiosity about AI governance and emerging regulatory landscape including AI-specific frameworks, model risk management, data privacy implications of AI training, and responsible AI principles—you’re excited to help define best practices in an evolving space

  • Alignment with WRITER’s values of Connect (building trusted relationships with customers, auditors, and cross-functional teams), Challenge (pushing beyond checkbox compliance to create governance that truly reduces risk), and Own (taking full accountability for WRITER’s security posture and customer trust)

🍩 Benefits & perks (UK full-time employees):

  • Generous PTO, plus company holidays

  • Comprehensive medical and dental insurance

  • Paid parental leave for all parents (12 weeks)

  • Fertility and family planning support

  • Early-detection cancer testing through Galleri

  • Competitive pension scheme and company contribution

  • Annual work-life stipends for:

    • Wellness stipend for gym, massage/chiropractor, personal training, etc.

    • Learning and development stipend

  • Company-wide off-sites and team off-sites

  • Competitive compensation and company stock options

Share this job:
Please let WRITER know you found this job on Remote First Jobs 🙏

46 similar remote jobs

Explore latest remote opportunities and join a team that values work flexibility.

View all jobs
WRITER logo

Security Specialist GRC

WRITER

New
Bitso logo

Information Security GRC Specialist

Bitso

New
Simeio logo

Security Awareness Specialist GRC

Simeio

New
SupportYourApp logo

Information Security Specialist

SupportYourApp

Week ago
Gemini logo

Security GRC Intern

Gemini

$104k Month ago
Secfix logo

Information Security Specialist

Secfix

3 Months ago

Remote companies like WRITER

Find your next opportunity with companies that specialize in Nlp, Ai, Generative Ai, and Ai Apps. Explore remote-first companies like WRITER that prioritize flexible work and home-office freedom.

All companies
Vectara Logo

Vectara

51-200 vectara.com

Enterprise RAG platform for AI Agents/Assistants, emphasizing accuracy and security.

View company profile →
NiCE Cognigy Logo

NiCE Cognigy

201-500 www.cognigy.com

Develops AI-powered customer service agents for enterprise contact centers.

View company profile →
Qatalog (Acquired by ClickUp) Logo

Qatalog (Acquired by ClickUp)

51-200 clickup.com

An AI-powered platform for work management, bringing together tasks, documents, goals, and communication.

View company profile →
Typeface Logo

Typeface

51-200 www.typeface.ai

An enterprise AI platform enabling marketing teams to create, personalize, and activate on-brand content at scale.

12 open positions →
Ripcord Logo

Ripcord

51-200 www.ripcord.com

Transforms documents into powerful data using proprietary robotics, AI, and cloud software.

View company profile →
Neptune Software Logo

Neptune Software

51-200 www.neptune-software.com

An AI-powered low-code platform for enterprise SAP transformation and application development.

View company profile →

Project: Career Search

Rev. 2026.2

[ Remote Jobs ]
Direct Access

We source jobs directly from 21,000+ company career pages. No intermediaries.

Search Jobs Post a Job
01

Discover Hidden Jobs

Unique jobs you won't find on other job boards.

02

Advanced Filters

Filter by category, benefits, seniority, and more.

03

Priority Job Alerts

Get timely alerts for new job openings every day.

04

Manage Your Job Hunt

Save jobs you like and keep a simple list of your applications.

21,000+ SOURCES UPDATED 24/7
Apply