Sr. IT Risk & Compliance Professional

Senior IT Risk & Compliance Professional

Looking for an innovative, high-growth, multi-award-winning company in one of the hottest segments of the security market?  Look no further than Veracode! 

Veracode is a global leader in Application Risk Management for the AI era. Powered by trillions of lines of code scans and a proprietary AI-generated remediation engine, the Veracode platform is trusted by organizations worldwide to build and maintain secure software from code creation to cloud deployment.

As a Senior IT Risk & Compliance (Customer Assurance) expert, you will be instrumental in reinforcing customer trust by communicating Veracode’s rigorous Cybersecurity, Risk management and Compliance practices. You’ll partner across internal teams, engage directly with customer stakeholders, and help ensure our GRC program meets evolving standards and expectations. 

What you will be responsible for: 

• Build Customer Trust Through Assurance 
• Manage and respond to customer security questionnaires and due diligence requests. 
• Serve as a trusted advisor to customers and prospects, clearly explaining Veracode’s security and compliance postures. 
• Support Audit & Certification Efforts 
• Support preparation for external audits, customer audits, and certification initiatives. 
• Maintain audit-ready documentation and evidence repositories, support and track remediation efforts. 
• Optimize and Innovate 
• Establish scalable and efficient processes for Customer Assurance and risk communication. 
• Own and maintain Veracode’s Customer Trust Center 
• Monitor compliance trends and customer expectations to inform continuous GRC improvement. 
• Mentor and guide junior colleagues, contributing to a culture of knowledge sharing. 
• Strengthen GRC Practices 
• Assist with IT risk assessments and control reviews; maintain compliance with frameworks such as SOC 2, FedRAMP, GDPR, and other compliance or regulatory frameworks. 
• Collaborate with Legal, IT, Engineering, Product, and Sales to align risk and compliance with business objectives. 

Required Skills:

• Bachelor’s degree in Information Security, Computer Science, Risk Management, or related field. 
• 3+ years of experience in IT risk, compliance, audit, or customer assurance—ideally within SaaS or cloud environments. 
• Ideal Candidates will have had customer focused or Go to Market experience in the past 
• Proven background with compliance frameworks (SOC 2, ISO 27001, FedRAMP, GDPR, PCI DSS). 
• Strong understanding of Security, Risk Management, Control Frameworks, and Governance. 
• Excellent communication skills—able to translate technical risk and compliance topics for varied audiences. 
• Customer-centric mindset and experience managing assurance processes. 
• Trust-builder who values clarity, transparency, and accountability. 
• Energetic, positive attitude 
• Analytical problem solver with attention to detail. 
• Collaborative and energetic team player who thrives in fast-paced environments. 
• Strong organization and project management skills  

Compensation Transparency

In accordance with U.S. pay transparency laws, Veracode provides compensation transparency for roles based in the United States. Click here to view our compensation ranges by grade. Please note, specific compensation may be influenced by various factors including candidates experience, education, and work location.

Job Grade: Senior

Employment opportunities are available to all applicants without regard to race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.