About GovSignals
We are shaping the future of government contracting with breakthrough AI-driven solutions. We are disrupting a multibillion-dollar industry and enabling private-sector technologies to secure government contracts faster than ever, strengthening national security and driving economic growth. GovSignals has built the most advanced government-contracting AI platform available. From small businesses to Fortune 500 enterprises, our platform multiplies the opportunities contractors can pursue and empowers them to deliver fully compliant, winning proposals in hours instead of months. As one of the largest aggregators of U.S. government data, we set trends rather than follow them.
The Role: Compliance Operations Lead (NYC-Based)
We are looking for a driven Compliance Operations Lead who can sustain and enhance GovSignals' multi-security environments. You will lead every facet of our security posture and compliance roadmap, guiding us through FedRAMP High, IL5, CMMC Level 2, and SOC 2 while keeping pace with an aggressive product cadence. Ideal candidates have helped modern defense or dual-use startups achieve enterprise-grade compliance and think creatively about automation, evidence collection, and risk reduction. You will also be the go-to expert for internal policy, external audits, and customer trust conversations. You will have full support of the broader company to accomplish compliance goals, but you are expected to prioritize compliance as a means-to-an-end for the Product and our Customers.
Key Responsibilities
- Build and maintain the master compliance program covering FedRAMP High, IL5, CMMC Level 2, SOC 2, and related frameworks.
- Own evidence management end to end: gather artifacts, automate collection where possible, and keep everything audit-ready at all times.
- Lead quarterly and annual security documentation cycles, coordinate penetration tests and red-team engagements, and track remediation plans to closure.
- Act as primary liaison on security questionnaires and customer calls, clearly explaining our posture and roadmaps.
- Identify smart, outside-of-the-box solutions to compliance roadblocks. Help guide company roadmaps to scope and prepare for compliance changes.
- Partner with engineering to embed secure-by-design practices, including automated policy checks in CI/CD and infrastructure-as-code guardrails.
- Monitor the evolving threat landscape and propose proactive hardening measures.
Qualifications
- Three or more years leading compliance or security programs in a high-growth technology or defense startup.
- Demonstrated success achieving and maintaining FedRAMP High Authority to Operate or equivalent high-impact compliance goals.
- Deep familiarity with IL5, CMMC Level 2, SOC 2, NIST 800-171, and related U.S. public-sector frameworks.
- Proven ability to design and run automated evidence collection, policy management, and vulnerability-tracking workflows.
- Strong written and verbal communication skills for both technical and executive audiences; comfortable leading customer security reviews.
- Experience coordinating red-team, penetration-test, or bug-bounty programs and translating findings into engineering actions.
- Bonus points for hands-on exposure to Kubernetes, Terraform, JAMF, and modern DevSecOps toolchains that accelerate compliance.
Why Join GovSignals?
- Top-tier compensation for top-tier talent.
- Premium benefits, including medical, dental, vision, and unlimited PTO.
- Work fully remote with flexible hours and a modern tech stack.
- Shape the security culture of a fast-moving AI company serving critical public-sector missions.
- Join a mission-driven team that is redefining government contracting while advancing American innovation and security.
Ready to build a best-in-class security and compliance program? Apply now and help safeguard the platform that powers the next generation of government solutions.