About Phaidra
Phaidra is building the future of industrial automation.
The world today is filled with static, monolithic infrastructure. Factories, power plants, buildings, etc. operate the same way they have operated for decades, because the controls programming is hard-coded: thousands of lines of rules and heuristics that define how the machines interact with each other. The result of all this hard-coding is that facilities are frozen in time, unable to adapt to their environment while their performance slowly degrades.
Phaidra creates AI-powered control systems for the industrial sector, enabling industrial facilities to automatically learn and improve over time. Specifically:
- We use reinforcement learning algorithms to provide this intelligence, converting raw sensor data into high-value actions and decisions.
- We focus on industrial applications, which tend to be well-sensorized with measurable KPIs — perfect for reinforcement learning.
- We enable domain experts (our users) to configure the AI control systems (i.e. agents) without writing code. They define what they want their AI agents to do, and we do it for them.
Our team has a track record of applying AI to some of the toughest problems. From achieving superhuman performance with DeepMind's AlphaGo, to reducing the energy required to cool Google's Data Centers by 40%, we deeply understand AI and how to apply it in production for massive impact.
Phaidra’s ability to achieve its mission is determined by our ability to work together, as defined by our core values: Transparency, Collaboration, Operational Excellence, Ownership, and Empathy. We seek individuals who embody these values, as they are instrumental in ensuring our team consistently delivers excellence and fosters an engaging and supportive culture.
Phaidra is based in the USA, but we are 100% remote with no physical office. We hire employees internationally with the help of our partner, OysterHR. Our team is currently located throughout the USA, Canada, UK, Italy, Sweden, Spain, Portugal, the Netherlands, Singapore, Australia, and India.
Joining the Talent Pool
Please submit your resume/CV below. You may also submit a cover letter explaining what your ideal position is and how your skills would fit with the team!
Please note: Due to the high volume of applications, there may be a delay in response from our hiring team. However, Phaidra is committed to ensuring every applicant receives a response, regardless of the outcome. We sincerely appreciate your interest in joining Phaidra and thank you for taking the time to apply.
Who You Are
We are seeking an experienced Senior Cyber Assurance Manager to build, manage, and mature our Governance, Risk, and Compliance (GRC) program. In this highly visible role, you will be responsible for managing all internal and external assurance obligations, taking full ownership of our compliance management platform (Vanta), and overseeing our enterprise risk management processes. This role is currently structured as a high-impact Individual Contributor (IC) position, requiring a 'builder' mindset with the potential to scale the team as the GRC program matures.
The ideal candidate is a hands-on leader who excels at automating compliance, managing audits from end-to-end, and translating complex security requirements, particularly those at the intersection of Generative AI/LLMs, Reinforcement Learning, and high-stakes industrial environments, into actionable, efficient business processes.
We are seeking a team member located within the United States of America.
- In the United States, we are only able to accept applicants located in the following states: California, Colorado, Connecticut, Georgia, Florida, Indiana, Maryland, Minnesota, Missouri, Nebraska, New York, North Carolina, Pennsylvania, South Carolina, Tennessee, Texas, Virginia, Washington.
What You'll Do (Key Responsibilities)
GRC Platform & Compliance Automation (Vanta Ownership)
- Serve as the primary system owner and administrator for our compliance management platform, Vanta.
- Configure, manage, and optimize the platform to align with our implemented control frameworks (e.g., SOC 2, ISO 27001).
- Drive efficiency by deploying and maximizing automated testing, continuous monitoring, and evidence collection capabilities within the tool.
- Manage platform workflows to ensure all controls, tests, documents, and policies are appropriately assigned to owners across the business and tracked to completion.
Audit & Assurance Management
- Manage all internal and external audit activities (e.g., SOC 2, ISO 27001, NIS 2) and other compliance initiatives (like annual penetration tests).
- Coordinate all audit-related tasks, including evidence gathering, managing auditor requests, facilitating interviews, and managing the remediation of any findings.
- Ensure our compliance and continued accreditation with all required security and privacy programs.
Enterprise Risk Management
- Develop, maintain, and manage the enterprise risk register, working with stakeholders to identify, assess, and prioritize security and AI-related risks.
- Own and execute our risk and vulnerability assessment process.
- Manage the end-to-end risk and control exception process, ensuring all exceptions are documented, reviewed, and approved.
- Coordinate with the SRE and business teams on Business Continuity and Disaster Recovery (BCP/DR) planning and data backup systems.
- Develop and manage the Third-Party Risk Management (TPRM) program.
Governance & Policy
- Own, manage, and implement the full suite of security policies, standards, and procedures, maintaining all related handbook pages and documentation.
- Define, establish, and track Key Performance Indicators (KPIs) and metrics to measure the effectiveness of the security program.
- Monitor the external landscape for new and changing laws, regulations, and industry standards that impact the organization, including those related to AI governance (e.g., EU AI Act, NIST AI RMF) and AI security best practices (e.g., OWASP Top 10 for LLMs).
- Contribute to the security budget, identifying and justifying tools and resources needed to scale the program.
Cross-Functional Collaboration & Enablement
- Act as a key security representative for our customers; engage and present on our security posture as needed.
- Lead the response to customer-facing risk assessments and security questionnaires, and maintain a central repository of standardized answers.
- Lead, manage, and deliver the company-wide security awareness and training program.
- Work regularly with cross-functional teams (e.g., Legal, SRE, Engineering, AI/ML, Data Science) to ensure assurance and AI governance considerations, including the Secure AI/ML Development Lifecycle, are integrated into all business processes.
- Enable a culture of continuous improvement and innovation, identifying opportunities to enhance security posture and streamline processes.
Key Qualifications
Required:
- 5+ years of experience in a cyber GRC, IT audit, or security assurance role.
- Deep, hands-on experience implementing and managing compliance programs based on common security frameworks (e.g., SOC 2, ISO 27001).
- Proven experience building or managing assurance programs in a remote-first, cloud-native environment. You must understand the risk and control differences between traditional on-premise security (e.g., office networks, firewalls) and a modern, distributed workforce (e.g., endpoint security, identity-first auth, Zero Trust principles).
- Strong working knowledge of security risk, governance, and threat frameworks (e.g., NIST Cybersecurity Framework, MITRE ATT&CK, NIS 2).
- Knowledge of emerging AI governance frameworks and regulations (e.g., NIST AI RMF, ISO/IEC 42001, EU AI Act).
- Proven experience securing and auditing public cloud environments (e.g., GCP, AWS, or Azure) as the primary corporate infrastructure.
- Direct administrative experience managing a GRC or compliance automation platform. Vanta experience is preferred.
- Proven experience managing the full lifecycle of external audits (e.g., scoping, evidence collection, auditor management).
- Experience working directly with engineering and SRE teams to integrate security controls into the SDLC (Software Development Life Cycle) and CI/CD pipelines, and familiarity with secure-by-default concepts.
- Strong understanding of cloud security principles, architectures, and securing containerized environments.
- Familiarity with the AI/ML development lifecycle and a strong understanding of security and privacy risks associated with machine learning and Generative AI models (e.g., adversarial attacks, model poisoning, prompt injection, data leakage).
- Knowledge of global data security and privacy laws (such as GDPR, CCPA/CPRA) and experience implementing their requirements.
- Experience driving assurance initiatives from ideation to deployment across cross-functional teams.
- Excellent and professional communication skills (written and verbal) with an ability to articulate complex topics in a clear and concise manner to a diverse audience.
- A passion for problem-solving and using scalable solutions to solve repeat problems.
- Shares our company values: curiosity, transparency & directness, outcome-based performance, and customer empathy.
Nice-to-Have (Preferred):
- Experience developing assurance programs for Generative AI applications, particularly those involving sensitive or critical infrastructure data.
*... [description truncated]