Fractional CISO

Summary

Join Trunk Tools, a leading AI company revolutionizing the construction industry, and contribute to our mission of building the future of construction through intelligent automation. As a Security Compliance Specialist, you will play a crucial role in ensuring ongoing SOC 2 compliance, responding to customer security questionnaires, supporting audits, and maintaining comprehensive security documentation. This part-time, remote position offers flexible hours and a competitive hourly rate. We are seeking a detail-oriented individual with 3-5 years of experience in security compliance, a strong understanding of SOC 2 requirements, and excellent communication skills. The ideal candidate will be proactive, a problem-solver, and comfortable working with compliance platforms like Vanta. This is a contract position with the potential for extension or transition to a full-time role.

Requirements

• 3-5 years of experience in security compliance roles, with a strong focus on SOC 2 compliance and handling security questionnaires
• In-depth understanding of SOC 2 requirements and experience working with compliance platforms like Vanta
• Excellent written and verbal communication skills, with the ability to effectively convey complex security concepts to both technical and non-technical stakeholders
• Strong attention to detail, especially when documenting processes or addressing compliance concerns
• Familiarity with audit processes, evidence collection, and working with external auditors to achieve compliance goals
• Ability to anticipate security and compliance needs, propose solutions, and execute them effectively

Responsibilities

• Ensure ongoing compliance with SOC 2 requirements, working closely with Vanta to identify, remediate, and monitor compliance issues, maintaining our certification status
• Take ownership of responding to customer security questionnaires, collaborating with internal teams to gather the necessary information and provide accurate, timely responses
• Prepare for and manage SOC 2 audits, including the collection of evidence, coordination with auditors, and implementation of audit recommendations
• Develop, update, and maintain security-related documentation and processes, ensuring they are clear, comprehensive, and align with industry best practices
• Proactively identify areas for improvement in our security and compliance processes, proposing and implementing solutions to enhance our overall security posture

Benefits

• A close-knit and collaborative early-stage startup environment where every voice is heard and every opinion matters
• Access to company resources and tools to ensure effective job performance
• Flexibility to balance work with other commitments, with the potential for contract extension or transition to a full-time role
• Competitive hourly rate, commensurate with experience