Security & Compliance Lead

at CompanyCam
💰 $175k-$205k
🇺🇸 United States - Remote
🔒 Cybersecurity🟣 Senior

Job description

Hi, we’re CompanyCam.

We’re a simple-to-use photo documentation and productivity app for contractors of all commercial and home services industries. Packed with intuitive functionality, CompanyCam facilitates unparalleled communication and accountability across a contractor’s entire business. We’re committed to providing a consumer-grade, game-changing experience that helps our users build trust within their company and with their customers.

But don’t let that corporate description fool you—the people behind our buttoned-up product are laid-back (but hardworking), genuine, and kickass, and you could be one of them!

The Role

We’re looking for a proactive, detail-oriented Security & Compliance Lead to own our security governance, compliance operations, and customer trust initiatives. This is a high-impact, cross-functional role, perfect for someone who thrives on translating policy into practical processes, working closely with engineers, legal, and leadership, and ensuring our systems meet the highest standards expected by customers, auditors, and regulators. You’ll be the company’s first dedicated hire in security compliance, reporting to our Director of Engineering Operations and partnering with Platform Engineering, Legal, and our vCISO to build a strong, scalable security posture.

Working at CompanyCam

Our engineering team is remote-first, spanning every time zone in the United States. We welcome people from all backgrounds and really don’t care whether or not you have a CS degree or even a high school diploma. All that matters is that you’re not an a**hole and you’re good at what you do.

At CompanyCam we’re driven to produce work with meaningful outcomes. That means not just dumping features and “improvements” but being able to reflect and learn from our outputs. We’re actively working to center our work on continuous discovery habits (CDH) as outlined by Teresa Torres.

Okay, that’s how we identify work to do, but how do we actually work? Our teams are made up of a product manager, a product designer, a tech lead and an appropriate number of engineers for the scope of your team. We take a flexible approach, pulling from Agile, Scrum, Kanban, and even Shape Up. Rather than being overly prescriptive, we provide guardrails and just enough constraints to keep teams moving. Each team is expected to collaborate, iterate, and refine their best practices to produce high-quality work.

What You’ll Do

  • Own day-to-day operations of our SOC 2 Type II compliance program (powered by Vanta), including evidence collection, control monitoring, and audit readiness
  • Serve as the security & compliance subject matter expert for engineering and product teams, maintaining internal documentation and consulting during product design and delivery
  • Coordinate annual third-party penetration testing: schedule tests, triage findings, track remediation, and schedule retests
  • Manage and maintain our customer-facing Trust Center, ensuring disclosures on security, privacy, and compliance are current
  • Review procurement and vendor contracts for security-related requirements and risks
  • Respond to security questionnaires and due diligence requests from prospective customers and partners
  • Collaborate with Legal to translate regulatory and contractual requirements into clear engineering specifications and support subpoena responses
  • Maintain and improve security policies, conduct risk assessments, and support remediation efforts across teams
  • Promote a strong security culture through awareness training and supporting secure-by-default engineering practices
  • Stay informed about emerging threats and evolving compliance obligations

The Impact You’ll Have

  • Be the cornerstone of CompanyCam’s security and compliance, directly influencing customer trust and satisfaction
  • Enable engineering and product teams to build and ship with confidence by embedding security and compliance best practices early in development
  • Drive continuous improvement in our security posture, helping scale governance sustainably as we grow
  • Strengthen CompanyCam’s market position by maintaining a robust Trust Center and ensuring compliance with evolving regulations
  • Collaborate cross-functionally to shape security culture and practices, empowering teams and reducing organizational risk

What You’ll Bring

Must-haves

These are our non-negotiables:

  • Show up: Have the courage to do difficult but necessary work
  • Grow up: Take ownership, learn continuously, and bring a growth mindset
  • Do good: Treat your teammates and customers the way you’d want to be treated
  • 4+ years experience in security compliance, GRC, or a related function, ideally in a B2B SaaS environment
  • Hands-on experience with SOC 2, ISO 27001, GDPR, CCPA/CPRA, or similar compliance frameworks
  • Experience supporting or administering a GRC platform like Vanta, Drata, or Tugboat Logic
  • Skilled in managing security questionnaires, audit evidence collection, and vendor risk assessments
  • Strong written communication skills, able to translate complex compliance requirements into clear, actionable guidance
  • Comfortable working cross-functionally with engineering, legal, external auditors, and customers
  • Track record of maintaining or building Trust Centers and compliance documentation
  • You live and work permanently in the U.S. (We’re not set up to hire outside the U.S.)

Nice-to-haves

  • Familiarity with incident response planning, subpoena/data disclosure workflows, and DevSecOps principles
  • Experience promoting security awareness and embedding secure-by-default practices in engineering teams
  • Ability to play a foundational role in growing security maturity and compliance posture over time

Benefits & Compensation

This is a salaried position at CompanyCam. Our salary range is $175,000 - $205,000 per year and is based on experience.  We also offer meaningful equity and other benefits.

CompanyCam is an equal-opportunity employer committed to respect, inclusion, and growth. We work hard, take responsibility, and support each other. Great ideas come from all backgrounds, and we carefully consider every applicant without regard to personal characteristics or traits. Even if your work experience doesn’t align perfectly, we encourage you to apply. What really matters to us is your potential, your passion, and your commitment to learning, innovation, and contributing meaningfully to our team.

For any accommodations or technical issues related to the online application or interview process, please email [email protected] and we’ll respond promptly. Please do not include any medical or health information in your message.

Note: Resumes sent to this email will not be reviewed or responded to. To be considered for a position, you must apply directly through our careers page.

Share this job:
Please let CompanyCam know you found this job on Remote First Jobs 🙏

Similar Remote Jobs

Latest Jobs at CompanyCam

Benefits of using Remote First Jobs

Discover Hidden Jobs

Unique jobs you won't find on other job boards.

Advanced Filters

Filter by category, benefits, seniority, and more.

Priority Job Alerts

Get timely alerts for new job openings every day.

Manage Your Job Hunt

Save jobs you like and keep a simple list of your applications.

Search remote, work from home, 100% online jobs

We help you connect with top remote-first companies.

Search jobs

Hiring remote talent? Post a job

Frequently Asked Questions

What makes Remote First Jobs different from other job boards?

Unlike other job boards that only show jobs from companies that pay to post, we actively scan over 20,000 companies to find remote positions. This means you get access to thousands more jobs, including ones from companies that don't typically post on traditional job boards. Our platform is dedicated to fully remote positions, focusing on companies that have adopted remote work as their standard practice.

How often are new jobs added?

New jobs are constantly being added as our system checks company websites every day. We process thousands of jobs daily to ensure you have access to the most up-to-date remote job listings. Our algorithms scan over 20,000 different sources daily, adding jobs to the board the moment they appear.

Can I trust the job listings on Remote First Jobs?

Yes! We verify all job listings and companies to ensure they're legitimate. Our system automatically filters out spam, junk, and fake jobs to ensure you only see real remote opportunities.

Can I suggest companies to be added to your search?

Yes! We're always looking to expand our listings and appreciate suggestions from our community. If you know of companies offering remote positions that should be included in our search, please let us know. We actively work to increase our coverage of remote job opportunities.

How do I apply for jobs?

When you find a job you're interested in, simply click the 'Apply Now' button on the job listing. This will take you directly to the company's application page. We kindly ask you to mention that you found the position through Remote First Jobs when applying, as it helps us grow and improve our service 🙏

Apply