[Hiring] Principal Security & Compliance Advisor @Pliancy

Role Description

Outpost is hiring a founding member of our service delivery team to help build, productize, and deliver our security, compliance, and AI governance offering for clients in finance, venture capital, private equity, hedge funds, family offices, technology, and biotech.

This is a senior, client-facing role for someone who can operate as both a trusted advisor and a practical implementer. You’ll help clients make sense of security, compliance, and AI risk decisions, translate business objectives into action plans, and guide the work required to improve their security posture while using emerging technologies responsibly. You’ll also work closely with the Managing Director of Outpost to shape how Outpost delivers services, packages its offerings, documents its playbooks, and scales over time.

This is far more than a narrow compliance checklist role, and it is not a behind-the-scenes engineering-only role. The right person will care deeply about documentation, but even more about helping clients reach their business objectives and delivering an exceptional client experience along the way. You should be comfortable with ambiguity, energized by building something new, and excited to help define the operating model for an important and growing part of Pliancy.

Responsibilities

• Serve as a senior security and compliance advisor for Outpost clients, with an emphasis on finance firms, including VC, PE, hedge funds, family offices, both ERAs and RIAs, and other investment firms, as well as select technology and biotech startups.
• Lead consultative client conversations around governance, risk, controls, compliance readiness, secure AI adoption, security roadmaps, vendor selection, audit preparation, DDQs, cybersecurity insurance, incident preparedness, and operational workflows.
• Translate client business objectives into practical security and compliance action plans that are clear, prioritized, and realistic.
• Help clients understand, evaluate, and securely adopt AI tools, including usage policies, data handling expectations, vendor risk considerations, access controls, employee guidance, and practical governance models.
• Help design, document, and continuously improve Outpost’s service delivery playbooks, templates, project plans, assessment methods, and client-facing deliverables.
• Deliver leadership-level roadmapping and project ownership across ongoing client engagements.
• Support clients working toward or maintaining compliance with frameworks and requirements such as SOC 2, ISO 27001, NIST CSF, CIS Controls, CCPA, GDPR, HIPAA-adjacent requirements, and other relevant security or privacy obligations.
• Assess and improve client processes such as onboarding, offboarding, access reviews, vendor risk management, business continuity, disaster recovery, incident response, policy management, and control monitoring.
• Advise on and help implement systems and tools across categories such as compliance automation, identity and access management, endpoint security, MDR, SIEM, vulnerability management, MDM, backup and recovery, AI productivity platforms, and security awareness.
• Partner with Pliancy teams to connect security and compliance recommendations to the underlying IT systems, workflows, and support model required to make them stick.
• Create high-quality internal and client-facing documentation that improves clarity, repeatability, and client experience.
• Share market observations, client feedback, recurring pain points, and delivery lessons with Outpost leadership to help productize the offering.
• Help shape future hiring, operating processes, and service standards as Outpost grows.

Qualifications

• 5+ years of experience in security, compliance, GRC, vCISO, security consulting, advisory, MSP/MSSP, or a comparable client-facing security role.
• Strong working knowledge of security and compliance domains such as governance, risk management, control assessments, access controls, audit readiness, vendor risk, incident response, vulnerability management, business continuity, and data protection.
• Experience advising executives or senior operators on security and compliance decisions.
• Experience translating frameworks, audit requirements, regulatory expectations, or emerging technology risks into practical workstreams.
• Familiarity with frameworks and standards such as ISO 27001, NIST CSF, NIST 800-53, CIS Controls, CCPA, GDPR, and HIPAA.
• Comfort working with finance, investment management, venture capital, private equity, hedge fund, family office, startup, technology, or biotech clients.
• Comfort advising clients on responsible AI usage, including secure adoption, acceptable use, data protection, vendor review, employee enablement, and business-process implications.
• Ability to communicate clearly with both technical and non-technical audiences.
• Strong client-service instincts, including follow-up, follow-through, responsiveness, expectation-setting, and good judgment under pressure.
• Ability and willingness to properly document processes, decisions, risks, controls, assets, and recommendations.
• A practical understanding of common security tooling categories, including IAM, MDM, EDR/XDR, MDR, SIEM, vulnerability management, backup and recovery, compliance automation, and security awareness platforms.
• A practical understanding of how AI tools are being adopted inside modern businesses, including common risks around sensitive data, access, vendor terms, employee usage, workflow design, and governance.
• Demonstrated ability to learn new technologies, client environments, and business contexts quickly.
• A sense of ownership and pride in your work.
• A team-centric mentality, with a focus on collaboration, communication, documentation, improving processes, and succeeding together.
• Authorization to work in the United States for any employer.

Requirements

• Experience supporting SEC-regulated investment advisers, Exempt Reporting Advisers, Registered Investment Advisers, private fund managers, broker-dealer-adjacent environments, or other financial services organizations.
• Experience with compliance automation platforms such as Drata, Vanta, Secureframe, Tugboat Logic, or similar tools.
• Experience developing AI acceptable-use policies, AI governance models, secure AI adoption plans, vendor review processes, or employee enablement materials.
• Experience with MDR, SIEM, vulnerability management, BCDR, cyber insurance, TPRM, penetration testing coordination, or incident response planning.
• Certifications such as CISSP, CISM, CISA, CCSP, CRISC, GIAC, or equivalent practical experience.
• Experience building or scaling a service delivery model, advisory practice, managed service, or productized consulting offering.
• Experience creating client-ready templates, assessment methods, roadmaps, policy libraries, or implementation playbooks.
• Familiarity with scripting, automation, APIs, or lightweight technical implementation work.
• Experience in MSP, MSSP, professional services, consulting, or high-touch client service environments.

Benefits

• Salary: $150,000 - $180,000 per year, dependent on experience, plus eligibility for Pliancy’s applicable incentive programs.
• Healthcare: Premiums for our base-level healthcare plan are 100% covered for employees and 50% covered for dependents, with the option to upgrade plus optional dental and vision plans.
• Company-funded HRA account to help cover medical copays, deductibles, and coinsurance.
• 401(k) match offered to help you plan for your long-term future.
• Unlimited PTO.
• Paid leave for new parents, including adoptive parents, to support your family’s growth.
• Employee stock options so you can share in Pliancy’s success.