We’re a payments processing company partnering with health and wellness enterprises that rely on us to handle sensitive payment and health data. Security is at the core of everything we do. We require, and customers expect, SOC2 Type II compliance and rigorous security programs —this role formalizes the security programs we’ve started and will help build a best-in-class security foundation.
This is your chance to shape security at a fast-growing startup from the ground up. If you thrive in autonomous environments, love building programs from scratch, and want to own security initiatives directly impacting revenue, this role is for you.
What You’ll DoLead SOC2 Type II Compliance – Own the end-to-end process, including risk assessments, audits, and evidence collection.
Governance, Risk, and Compliance (GRC) – Respond to customer security questionnaires and build scalable processes to streamline responses.
Security Tooling & Implementation – Drive adoption of MDMs, virus scanners, and vulnerability management across our full stack.
Incident Response & Risk Mitigation – Develop security monitoring, respond to incidents, and proactively harden our systems before issues arise.
Cross-Team Collaboration – Work directly with engineering, sales, and customer success teams
Support Security in IT - Manage and enforce that company owned devices are provisioned and secure. Ensure permissions and access are granted when appropriate
5+ years of experience in security engineering, compliance, or security operations.
Hands-on experience with SOC2 Type II audits—either leading them or playing a significant role.
Strong background in vulnerability management, endpoint security, and secure software development practices.
Familiarity with MDMs, antivirus tools, SIEMs, and web security best practices.
Experience working with GRC teams and responding to enterprise security questionnaires.
Ability to work autonomously and drive initiatives without excessive oversight.
Scrappy attitude and a willingness to do the dirty work to make a successful startup
Bonus: Experience in payments, fintech, or healthcare security.
🚀 Get in on the ground floor – Build security at a company that prioritizes it from day one.
🔑 High autonomy – Own security initiatives and define how security is done at scale.
📈 Growth opportunities – Be the first dedicated security hire with the potential to grow into a leadership role.
💡 Work on impactful problems – Protect sensitive payment and health data while helping close high-value enterprise deals.
🌎 Remote-friendly – Work from anywhere in the US while collaborating with top-tier engineers.
If you're passionate about security and want to shape the future of security at a growing startup, we’d love to hear from you!
Top Skills
Similar Jobs
What you need to know about the Colorado Tech Scene
Key Facts About Colorado Tech
- Number of Tech Workers: 260,000; 8.5% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Lockheed Martin, Century Link, Comcast, BAE Systems, Level 3
- Key Industries: Software, artificial intelligence, aerospace, e-commerce, fintech, healthtech
- Funding Landscape: $4.9 billion in VC funding in 2024 (Pitchbook)
- Notable Investors: Access Venture Partners, Ridgeline Ventures, Techstars, Blackhorn Ventures
- Research Centers and Universities: Colorado School of Mines, University of Colorado Boulder, University of Denver, Colorado State University, Mesa Laboratory, Space Science Institute, National Center for Atmospheric Research, National Renewable Energy Laboratory, Gottlieb Institute
