About GovSignals

We are shaping the future of government contracting with breakthrough AI‑driven solutions. We are disrupting a multi‑billion dollar industry and enabling private‑sector technologies to secure government contracts faster than ever, strengthening national security and driving economic growth.

GovSignals has built the most advanced government‑contracting AI platform available. From small businesses to Fortune 500 enterprises, our platform multiplies the opportunities contractors can pursue and empowers them to deliver fully compliant, winning proposals in hours instead of months. As one of the largest aggregators of U.S. government data, we set trends rather than follow them.

The Role: Compliance Operations Lead (NYC-Based)

We are looking for a driven Compliance Operations Lead who can sustain and enhance GovSignals multi-security environments. You will lead every facet of our security posture and compliance roadmap, guiding us through FedRAMP High, IL5, CMMC Level 2, and SOC 2 while keeping pace with an aggressive product cadence. Ideal candidates have helped modern defense or dual‑use startups achieve enterprise‑grade compliance and think creatively about automation, evidence collection, and risk reduction. You will also be the go‑to expert for internal policy, external audits, and customer trust conversations. You will have full support of the broader company to accomplish compliance goals, but you are expected to prioritize compliance as a means-to-an-end for the Product and our Customers.

Key Responsibilities

• Build and maintain the master compliance program covering FedRAMP High, IL5, CMMC Level 2, SOC 2, and related frameworks.

• Own evidence management end to end: gather artifacts, automate collection where possible, and keep everything audit‑ready at all times.

• Lead quarterly and annual security documentation cycles, coordinate penetration tests and red‑team engagements, and track remediation plans to closure.

• Act as primary liaison on security questionnaires and customer calls, clearly explaining our posture and roadmaps.

• Identify smart, outside‑of-the‑box solutions to compliance roadblocks. Help guide company roadmaps to scope and prepare for compliance changes.

• Partner with engineering to embed secure‑by‑design practices, including automated policy checks in CI/CD and infrastructure‑as‑code guardrails.

• Monitor the evolving threat landscape and propose proactive hardening measures.

Qualifications

• Three or more years leading compliance or security programs in a high‑growth technology or defense startup.

• Demonstrated success achieving and maintaining FedRAMP High Authority to Operate or equivalent high‑impact compliance goals.

• Deep familiarity with IL5, CMMC Level 2, SOC 2, NIST 800‑171, and related U.S. public‑sector frameworks.

• Proven ability to design and run automated evidence collection, policy management, and vulnerability‑tracking workflows.

• Strong written and verbal communication skills for both technical and executive audiences; comfortable leading customer security reviews.

• Experience coordinating red‑team, penetration‑test, or bug‑bounty programs and translating findings into engineering actions.

• Bonus points for hands‑on exposure to Kubernetes, Terraform, JAMF, and modern DevSecOps toolchains that accelerate compliance.
  

Why Join GovSignals?

• Top‑tier compensation for top‑tier talent.

• Premium benefits, including medical, dental, vision, and unlimited PTO.

• Work fully remote with flexible hours and a modern tech stack.

• Shape the security culture of a fast‑moving AI company serving critical public‑sector missions.

• Join a mission‑driven team that is redefining government contracting while advancing American innovation and security.
  

Ready to build a best‑in‑class security and compliance program? Apply now and help safeguard the platform that powers the next generation of government solutions.