Manager of Infosec and Compliance

Summary

Join Tapcheck as a hands-on security leader to build and evolve the security function. You will define and drive security strategy, embed compliance practices (SOC 2, CCPA, GDPR), and manage incidents. This role offers a remote or hybrid option (Plano, TX area). You will collaborate with cross-functional teams (Engineering, DevOps, IT, Legal, Sales), manage compliance programs, and design secure infrastructure practices in Azure. Lead incident response, manage security questionnaires, and maintain relationships with security vendors. The ideal candidate has 6+ years in Information Security with 2+ years in a leadership role, experience in startups, and familiarity with relevant compliance standards and cloud security.

Requirements

• 6+ years in Information Security, with 2+ years in a leadership or management role
• Proven experience leading compliance efforts, managing audits, and owning incident response processes
• Experience implementing and managing Security Posture Management (SPM) practices and tools across Cloud, Data, Identity, and Application domains
• Plan and run cross-functional security tabletop exercises to test and improve incident readiness across teams
• Familiarity with SOC 2 Type II, GDPR, CCPA, and cloud-native security best practices
• Hands-on experience with Azure security services and tools

Responsibilities

• Own the security function and lead strategy, execution, and representation across internal and external stakeholders
• Drive security and compliance efforts across Engineering, DevOps, IT, Legal, and Sales—embedding standards like SOC 2, CCPA, and GDPR into scalable practices
• Operate with autonomy to shape the security roadmap, manage incidents, and continuously improve posture without day-to-day direction
• Lead and manage compliance programs, including maintaining our compliance automation framework and ensuring audit readiness
• Design and guide secure infrastructure practices in collaboration with DevOps and Engineering, particularly in Azure cloud environments
• Conduct and manage penetration testing and DAST/SAST scans; oversee vulnerability tracking and remediation
• Plan and run cross-functional security tabletop exercises to test and improve incident readiness across teams
• Implement and maintain Security Posture Management (SPM) best practices across Cloud, Data, Identity, and Application layers using modern platforms and tools
• Maintain and evolve security policies and governance frameworks to stay ahead of changing regulatory and threat landscapes
• Lead incident response processes from triage to resolution, root cause analysis, and preventative strategy development
• Manage and respond to security questionnaires; maintain our Trust Portal to reflect current security posture and documentation
• Own relationships with key security vendors, including pen testing, tools, and consulting partners

Preferred Qualifications

• Strong preference for candidates who have worked at small startups and helped scale security programs or teams
• Preferred certifications: CISSP, CISM, CEH, or equivalent

Benefits

• Flexible Paid Time Off
• Health Insurance
• Dental Insurance
• Vision Insurance
• 401K Match