Sydney, New South Wales, Australia · Remote OK
Who are we? At UpGuard, we are replacing manual security bottlenecks with AI-driven precision. Fresh off a US$75M Series C, we are scaling our infrastructure to process 100 billion risk signals daily. This isn’t just gro…
Skills: GRC Strategy, Third-Party Risk Management, SOC 2 Compliance, Information Security Audit, Vendor Security Review
Los Angeles, California, United States · Remote OK
$100k–$130k/yr
Who are we? At UpGuard, we are replacing manual security bottlenecks with AI-driven precision. Fresh off a US$75M Series C, we are scaling our infrastructure to process 100 billion risk signals daily. This isn’t just gro…
Skills: Post-sales Technical Support, Solution Architecture, Cybersecurity, GRC Landscape, REST APIs
Melbourne, Victoria, Australia · Remote OK
Who are we? At UpGuard, we are replacing manual security bottlenecks with AI-driven precision. Fresh off a US$75M Series C, we are scaling our infrastructure to process 100 billion risk signals daily. This isn’t just gro…
Skills: GRC Strategy, Third-Party Risk Management, SOC 2 Compliance, Vendor Security Reviews, Risk Management Frameworks
Los Angeles, California, United States · Remote OK
Who are we? At UpGuard, we are replacing manual security bottlenecks with AI-driven precision. Fresh off a US$75M Series C, we are scaling our infrastructure to process 100 billion risk signals daily. This isn’t just gro…
Skills: Post-sales Technical Support, Solution Architecture, Cybersecurity, GRC, REST APIs
Los Angeles, California, United States · Remote OK
Who are we? At UpGuard, we are replacing manual security bottlenecks with AI-driven precision. Fresh off a US$75M Series C, we are scaling our infrastructure to process 100 billion risk signals daily. This isn’t just gro…
Skills: Legal Strategy, Compliance Program Management, Data Privacy, SaaS Contracting, Corporate Governance
Los Angeles, California, United States · Remote OK
$400k–$500k/yr
Who are we? At UpGuard, we are replacing manual security bottlenecks with AI-driven precision. Fresh off a US$75M Series C, we are scaling our infrastructure to process 100 billion risk signals daily. This isn’t just gro…
Skills: Legal Strategy, Compliance Program Management, Data Privacy, SaaS Contracting, Corporate Governance
London, England, United Kingdom · Remote OK
Who are we? At UpGuard, we are replacing manual security bottlenecks with AI-driven precision. Fresh off a US$75M Series C, we are scaling our infrastructure to process 100 billion risk signals daily. This isn’t just gro…
Skills: Outbound Sales, Cold Calling, Email Sequencing, LinkedIn Prospecting, CRM Management
Los Angeles, California, United States · Remote OK
Who are we? At UpGuard, we are replacing manual security bottlenecks with AI-driven precision. Fresh off a US$75M Series C, we are scaling our infrastructure to process 100 billion risk signals daily. This isn’t just gro…
Skills: Partner Marketing, Field Event Planning, Channel Marketing, Project Management, Stakeholder Management
Austin, Texas, United States · Remote OK
Who are we? At UpGuard, we are replacing manual security bottlenecks with AI-driven precision. Fresh off a US$75M Series C, we are scaling our infrastructure to process 100 billion risk signals daily. This isn’t just gro…
Skills: Customer Success Management, Project Management, Account Management, Cyber Risk Management, Relationship Building
Los Angeles, California, United States · Remote OK
$120k–$150k/yr
Who are we? At UpGuard, we are replacing manual security bottlenecks with AI-driven precision. Fresh off a US$75M Series C, we are scaling our infrastructure to process 100 billion risk signals daily. This isn’t just gro…
Skills: Partner Marketing, Field Events, Channel Marketing, B2B Event Planning, Project Management
Los Angeles, California, United States · Remote OK
Who are we? At UpGuard, we are replacing manual security bottlenecks with AI-driven precision. Fresh off a US$75M Series C, we are scaling our infrastructure to process 100 billion risk signals daily. This isn’t just gro…
Skills: Sales Development Strategy, Pipeline Generation, B2B SaaS Leadership, AI-Driven Workflows, Outbound Revenue Growth
Sydney, New South Wales, Australia · Remote OK
Who are we? At UpGuard, we are replacing manual security bottlenecks with AI-driven precision. Fresh off a US$75M Series C, we are scaling our infrastructure to process 100 billion risk signals daily. This isn’t just gro…
Skills: Marketing Analytics, Attribution Modeling, dbt, BigQuery, Business Intelligence
Sydney, New South Wales, Australia · Remote OK
Who are we? At UpGuard, we are replacing manual security bottlenecks with AI-driven precision. Fresh off a US$75M Series C, we are scaling our infrastructure to process 100 billion risk signals daily. This isn’t just gro…
Skills: Analytics Engineering, dbt, SQL, BigQuery, B2B SaaS Revenue Modeling
Melbourne, Victoria, Australia · Remote OK
Who are we? At UpGuard, we are replacing manual security bottlenecks with AI-driven precision. Fresh off a US$75M Series C, we are scaling our infrastructure to process 100 billion risk signals daily. This isn’t just gro…
Skills: Infrastructure as Code, Terraform, OpenTofu, Google Cloud Platform, Kubernetes
Sydney, New South Wales, Australia · Remote OK
Who are we? At UpGuard, we are replacing manual security bottlenecks with AI-driven precision. Fresh off a US$75M Series C, we are scaling our infrastructure to process 100 billion risk signals daily. This isn’t just gro…
Skills: Infrastructure as Code, Terraform, OpenTofu, Google Cloud Platform, Kubernetes
Los Angeles, California, United States · Remote OK
Who are we? At UpGuard, we are replacing manual security bottlenecks with AI-driven precision. Fresh off a US$75M Series C, we are scaling our infrastructure to process 100 billion risk signals daily. This isn’t just gro…
Skills: Product Marketing, Market Research, Competitive Analysis, Product Positioning, Messaging
Sydney, New South Wales, Australia · Remote OK
Who are we? At UpGuard, we are replacing manual security bottlenecks with AI-driven precision. Fresh off a US$75M Series C, we are scaling our infrastructure to process 100 billion risk signals daily. This isn’t just gro…
Skills: Product Marketing, Market Research, Competitive Analysis, Product Positioning, Messaging
Sydney, New South Wales, Australia · Remote OK
Who are we? At UpGuard, we are replacing manual security bottlenecks with AI-driven precision. Fresh off a US$75M Series C, we are scaling our infrastructure to process 100 billion risk signals daily. This isn’t just gro…
Skills: JavaScript, React, Go, Postgres, Kubernetes
Austin, Texas, United States · Remote OK
Who are we? At UpGuard, we are replacing manual security bottlenecks with AI-driven precision. Fresh off a US$75M Series C, we are scaling our infrastructure to process 100 billion risk signals daily. This isn’t just gro…
Skills: Sales Leadership, Pipeline Generation, SDR Coaching, HubSpot, AI Implementation
San Clemente, California, United States · On-site
Who are we? At UpGuard, we are replacing manual security bottlenecks with AI-driven precision. Fresh off a US$75M Series C, we are scaling our infrastructure to process 100 billion risk signals daily. This isn’t just gro…
Skills: Sales Leadership, Pipeline Generation, SDR Coaching, HubSpot, AI Implementation
Sign up with Clera and we'll reach out the moment a role actually fits you — no more spraying applications into the void.
Lead the InfoSec Governance, Risk, and Compliance function, focusing on technology risk and the annual SOC 2 Type II audit cycle. Manage third-party risk evaluations and partner with procurement and legal teams to ensure vendor security compliance.
Requires 4+ years of experience in InfoSec, IT Audit, or GRC within a cloud-based environment. Candidates should have expertise in GRC tooling, TPRM, and the ability to translate technical risks into business impacts.
At UpGuard, we are replacing manual security bottlenecks with AI-driven precision. Fresh off a US$75M Series C, we are scaling our infrastructure to process 100 billion risk signals daily. This isn’t just growth; it’s a total reimagining of how the world manages cyber risk.
We build the Cyber Risk Posture Management (CRPM) platform that security teams actually love. By integrating security ratings, threat intel, and agentic AI, we empower organisations to stay ahead of an ever evolving attack surface.
We aren’t just building another tool; we’re defining a category. We provide the autonomy to ship world-class technology and the resources to do it at a global scale.
Our Operations function consists of the IT, Legal, People, Finance and Analytics teams. We are here to be a key enabler to our other teams at UpGuard. Efficiency, scale and rich insights are some of the key contributions that this team brings to the table. We look to the future and solve really interesting challenges that will unlock Upguard’s ability to grow sustainably and efficiently through optimised systems and processes.
As UpGuard continues to rapidly expand, we're looking for a seasoned InfoSec Governance Risk and Compliance Lead to spearhead our information security risk and compliance initiatives. Reporting directly to the CISO, you will own the strategy and execution of our cybersecurity compliance programs, lead cross-functional risk management efforts, and ensure our systems and processes align with world-class security standards. Additionally, you will play a critical role in supporting our procurement and vendor management pipelines, ensuring all third-party relationships meet our stringent security and compliance requirements.
\nWhat will you do?Lead GRC Strategy: Drive the development, maturity, and execution of UpGuard’s InfoSec Governance, Risk, and Compliance function, with primary ownership over technology and cybersecurity risk.
Optimize Procurement & Vendor Security: Partner closely with procurement, legal, and business stakeholders to embed security reviews into the purchasing lifecycle. Lead Third-Party Risk Management (TPRM) evaluations for new and existing vendors.
Contract & Legal Support: Review security exhibits, Data Processing Agreements, and security questionnaires during procurement negotiations to safeguard UpGuard and its customers.
Enterprise Collaboration: Partner with the CISO to contribute expert analysis on broader enterprise and operational risk matters, ensuring a unified approach to risk management.
Own the Risk Management Process: Architect and run the technology and security components of the Risk Management process. You will maintain, continually improve, and deliver executive-ready reporting on trends, vulnerabilities, and strategic insights.
Champion SOC 2 & Security Compliance: Formally own the technology and security control components of UpGuard’s annual SOC 2 Type II audit cycle. Design, manage, and coordinate remediations and improvements stemming from prior cycles, incident post-mortems, and internal assessments.
Build Trust & Product Alignment: Work cross-functionally with the Product team to develop public-facing trust documentation, while identifying security control gaps and improvement opportunities within the Product Development Life Cycle (PDLC).
Policy Governance: Draft, implement, and maintain a robust framework of InfoSec policies, standards, processes, and guidelines tailored to an evolving threat landscape.
Security Culture: Design and implement comprehensive, company-wide security awareness and compliance training programs utilizing the MindTickle platform.
Core Experience: 4+ years of dedicated experience in Information Security, IT Audit, or GRC within a technical, cloud-based landscape.
Risk & GRC Tooling Expertise: Deep familiarity and hands-on experience with modern technology risk management frameworks, GRC platforms, and Third-Party Risk Management (TPRM) tools.
Procurement & Legal Acumen: Experience partnering with procurement, legal, and privacy teams across diverse geographic areas (e.g., GDPR/CCPA, anti-corruption) to review vendor contracts, technical agreements, and security exhibits.
Strategic Communication: A clear, collaborative communicator capable of translating complex technical risks into clear business impacts for stakeholders, customers, and vendors.
Autonomy & Ownership: The ability to work independently, take swift initiative, and manage the fine details while never losing sight of long-term strategic goals.
Problem-Solving Mindset: A skillful issue-spotter and adaptive learner who can confidently navigate ambiguity and evaluate legal/business risk trade-offs.
Collaborative Nature: High ethical standards, meticulous attention to detail, a team-first attitude, and a dual passion for teaching and learning.
Advanced Experience: 6+ years of experience, including at least 2 years in a dedicated lead or senior-level capacity within a fast-growing B2B SaaS environment.
Audit Mastery: A proven track record of successfully owning and leading complex, multi-stakeholder security audits from scratch (specifically SOC 2 Type II, ISO 27001, or NIST frameworks).
Industry Certifications: Relevant professional certifications such as CISA, CRISC, CISM, or CISSP.
Scalability Mindset: Demonstrated experience scaling a GRC and vendor security function alongside a rapidly expanding global startup.
#LI-BW1
UpGuard is a Certified Great Place to Work® in the US, Australia, UK and India, establishing its position as a leading global technology employer. 99% of team members agree that UpGuard is a great place to work, apply now to find out why!
As an Equal Employment Opportunity and Affirmative Action Employer, qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status.
For applications to positions in the United States, please note, at this time we can only support hiring in the following US states: CA, MD, MA, IL, OR, WA, CO, TX, FL, PA, LA, MO, or DC.
Before starting work with us, you will need to undertake a national police history check and reference checks. Also please note that at this time, we cannot support candidates requiring visa sponsorship or relocation.
We're on a mission to protect the world's data.
UpGuard is the only platform that unifies cyber risk management across the vendor supply chain, attack surface, and human workforce. By integrating third-party security ratings, vendor questionnaires, and threat intelligence into actionable signals, the platform provides a single source of truth for risk posture. This centralized cyber risk oversight helps organizations identify exposures and prevent breaches before they are exploited. Explore core CRPM modules in the Products tab above.
Offices: 650 Castro St, Ste 120-387, Mountain View, California 94041, US · 201 Elizabeth Street, Suite 21.02, Level 21, Sydney CBD, New South Wales 2000, AU · 64-68 Liverpool St, Hobart CBD, Tasmania 7000, AU
We're on a mission to protect the world's data.
UpGuard is the only platform that unifies cyber risk management across the vendor supply chain, attack surface, and human workforce. By integrating third-party security ratings, vendor questionnaires, and threat intelligence into actionable signals, the platform provides a single source of truth for risk posture. This centralized cyber risk oversight helps organizations identify exposures and prevent breaches before they are exploited. Explore core CRPM modules in the Products tab above.
Offices: 650 Castro St, Ste 120-387, Mountain View, California 94041, US · 201 Elizabeth Street, Suite 21.02, Level 21, Sydney CBD, New South Wales 2000, AU · 64-68 Liverpool St, Hobart CBD, Tasmania 7000, AU
