Solutions Lead, GRC & Trust (SOC 2, Privacy, & AI)

Описание вакансии

Solutions Lead, GRC & Trust (SOC 2, Privacy, & AI)

Location: Remote or Raleigh, NC

About Greenplaces

We’re on a mission to make sustainability and compliance a competitive advantage for businesses of all sizes - not just the Fortune 500. As global supply chains become increasingly scrutinized, Greenplaces helps companies navigate the complex web of reporting requirements from their own customers. Through our innovative software and services, we empower businesses to measure their carbon emissions and act as the definitive source of truth for all sustainability and compliance activity.

Headquartered in Raleigh, NC, with a distributed team across the country, we’re backed by world-class investors including Redpoint, Felicis, and Tishman Speyer. As our customers face mounting pressure to prove their "trustworthiness" to retain major contracts - responding to exhaustive questionnaires ranging from carbon footprints to data privacy - we are expanding our platform to become the comprehensive hub for corporate ESG and InfoSec compliance.

About the Role

We are looking for a Solutions Lead to help scale our delivery and execution as we expand into SOC 2, Data Privacy, and AI Security. This role is execution-heavy and hands-on. You will own the strategy for our compliance offerings, partner deeply with Engineering and Design, and help bring more predictability to how we solve complex trust hurdles for our customers.

You will work closely with the VP of Product and Tech to shape how compliance and privacy are practiced across the team. This is a senior individual contributor role with strong influence - acting as a consultant, entrepreneur, and project manager to build this function from the ground up.

What You’ll Own

• Ownership of our SOC 2 and Privacy compliance roadmap, from problem framing to tracking adoption.
• Gap analysis and consulting with clients to assess their InfoSec posture and provide actionable paths to certification.
• Internal playbook development, creating the checklists, policy templates, and controls that will be automated within our software.
• AI Security frameworks, defining security controls for AI implementation to help us and our clients manage the risks of emerging technology.
• Cross-functional collaboration with Design, Engineering, and Leadership to translate manual compliance tasks into scalable product features.

How You’ll Work

• Bring structure and clarity to the ambiguous and evolving space of AI security and data privacy.
• Focus on outcomes, ensuring our customers actually achieve compliance goals rather than just following "process theater".
• Operate pragmatically for a small, scrappy team, adapting formal audit processes to work for high-growth startups.
• Partner closely with Leadership to identify market needs and "sell" the value of our new GRC (Governance, Risk, and Compliance) offerings.

What Success Looks Like (First 6 Months)

• Client Confidence: Pilot customers feel aligned and effective in their journey toward SOC 2 or Privacy certification.
• Predictable output: Our compliance service is easier to plan around and consistently delivers value to clients.
• Healthy backlogs: You have identified and prioritized the technical and policy requirements needed for our platform expansion.
• Strong partnerships: You have built low-friction working relationships internally and externally.

About You

• Professional Services Excellence: 4+ years of experience in SOC 2, IT Audit, or Privacy consulting - ideally from a high-rigor environment (e.g., Big 4 / established regional firm) or a fast-paced compliance startup.
• Proven ability to own execution: You have a track record of building programs or products from scratch, not just providing high-level strategy.
• Entrepreneurial Mindset: You are comfortable working in ambiguity and enjoy the "zero-to-one" phase of a scale-up environment.
• AI Savvy: You have a solid understanding of how AI systems work and are comfortable collaborating on the technical tradeoffs of AI security risks.
• Analytical Skills: Strong ability to reason about complex data, workflows, and reporting requirements.

Nice to Haves

• Experience with compliance or other regulated product areas.
• Background in B2B software and an understanding of software infrastructure.
• Experience helping teams mature their practices during periods of rapid growth.
• CISA, CISSP, or CIPP certifications.

What We Offer

• A chance to make a meaningful impact on climate action and corporate trust.
• Flexible, unlimited paid time off and generous benefits.
• Equity packages for all employees.
• Annual team and department retreats.

Compensation: Base salary plus early-stage company equity.