Head of Security and Compliance (Remote)

Remote
About Vendr
Vendr is forever changing how companies buy and renew SaaS. With $550+ million in SaaS purchases across 1,200+ suppliers, the Vendr SaaS buying platform enables the world’s fastest-growing companies to purchase SaaS without friction and at a fair price. Headquartered in Boston with a second location in Charleston and 130+ employees, we are building a team that can take us to the future state of frictionless buying. Some customers include HubSpot, The Washington Post, and DraftKings.

In March 2021 we announced that we raised $60 million at a $600 million valuation for our Series A, backed by Tiger Global (2021), Craft Ventures (David Sacks), Sound Ventures (Ashton Kutcher & Guy Oseary), Y Combinator, and others.

Since 2018, we have:
- Managed $550M+ in software spend
- Saved $99M+ for our customers
- Given our customers thousands of hours back to focus on the important parts of their job

And we’re just getting started. This is your chance to join as we enter hyper-growth and make a massive impact, forever changing the way people buy and sell B2B SaaS. 

We count some of the world’s best companies among our customers, and you’ll own the security program that gives them the confidence to trust us with their sensitive data. We already have a fairly robust program in place, but it’s time for a seasoned security and compliance professional to take it to the next level. As Vendr’s first Head of Security, you’ll take the reins from the early tech leadership team, grow it into a world-class security program, and build up the organization to continue to support it.

Compliance and Policy:

  • Ensure Vendr complies with relevant security and privacy laws and standards
  • Identify, prioritize, and act upon opportunities to improve our posture
  • Develop and manage information security and privacy policies
  • Oversee implementation of security initiatives
  • Own Third Party Vendor Risk Management
  • Perform regular system access reviews
  • Develop and maintain BCP/DRP programs
  • Manage annual SOC 2 audit process
  • Prepare for additional certifications as needed by the business (e.g. ISO 27001)
  • Manage companywide and department-specific security training
  • Respond to security questionnaires from prospects and current customers
  • Respond to inquiries about GDPR/CCPA/etc. compliance


  • Consult with engineering leadership on implementation of security-related functionality
  • Ensure development practices comply with information security procedures, and advise Engineering colleagues on how we can improve
  • Coordinate regular penetration tests and develop remediation plans with engineering
  • Oversee third party IT firm and IT security (e.g. MDM, account access, etc.)
  • Coordinate incident response activities

You have:

  • BA/BS computer science or engineering degree or equivalent working experience
  • 6+ years industry experience in security-related roles such as security engineer or security analyst
  • Broad technical knowledge of security and compliance best practices
  • Prior experience in debugging, production support, or writing code is ideal
  • Experience with security, compliance, and privacy standards such as SOC, GDPR, ISO27001 is ideal


Vendr is proud to be an equal opportunity employer and is committed to maintaining a diverse and inclusive work environment. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, physical or mental disability, age, or veteran status or any other basis protected by federal, state, or local law. While we are interested in qualified applicants who are permanently eligible to work for any employer in the United States, we are unable to sponsor or take over sponsorship for employment visas at this time.

To all recruitment agencies: We do not accept unsolicited agency resumes and are not responsible for any fees related to unsolicited resumes.



Office TBD!, Boston, MA

What are Vendr Perks + Benefits

Friends outside of work
Open door policy
Team owned deliverables
Team based strategic planning
Group brainstorming sessions
Health Insurance & Wellness Benefits
Dental Benefits
Vendr 100% of dental premiums.
Vision Benefits
Vendr 100% of vision insurance premiums.
Health Insurance Benefits
Vendr 100% of health insurance premiums.
Wellness Programs
Wellness reimbursement
Mental Health Benefits
calm app subscription
Retirement & Stock Options Benefits
Company Equity
Performance Bonus
varies from position
Match charitable contributions
Vendr volunteers, monthly charitable contributions
Child Care & Parental Leave Benefits
Generous Parental Leave
up to 12 weeks of paid leave,
Flexible Work Schedule
Remote Work Program
Family Medical Leave
Vendr offers up to 12 weeks of unpaid, job-protected leave per year, as well as maintained health benefits, for any employee eligible under the Family and Medical Leave Act (FMLA)
Return-to-work program post parental leave
Vacation & Time Off Benefits
Unlimited Vacation Policy
Paid Holidays
Paid Sick Days
Perks & Discounts
Casual Dress
Company Outings
Happy Hours
Home Office Stipend for Remote Employees
Remote stipend
Professional Development Benefits
Lunch and learns
Cross functional training encouraged
Promote from within
Paid industry certifications