Security GRC Manager

About the role

Humaans is building the next generation of infrastructure for the workplace; software designed for companies that are scaling fast, operating globally, and pushing into new boundaries. What started as a system of record has evolved into a broader platform for operating people globally. With Athena, our agentic AI layer, Humaans moves beyond data management into intelligent orchestration, connecting workflows across HR, IT, Finance, and Operations so organisations can act faster and with greater confidence, redefining how work gets done. We work with ambitious teams across Europe and the US, from AI-native companies like Lovable, Poolside, Fyxer AI, and Tandem Health, to established, high-growth organisations scaling internationally and through acquisition, including Quantexa, Sellpy, Manychat, Gigs, Croud, and Threecolts. These teams don't buy software for features,they buy leverage. The ability to run faster, cleaner, and with more control as complexity compounds. To date, we've raised $20m in venture funding from some of the most respected founders, operators, and funds in technology: Lachy Groom (Physical Intelligence), Stewart Butterfield (Slack), Tobias Lütke (Shopify), Dylan Field (Figma), Jeff Weiner (LinkedIn), Claire Johnson (Stripe), Oliver Jay (OpenAI), Jay Simmons (Bond) as well as Y Combinator, Moonfire, Frontline Ventures, Pathlight Ventures, and Exor. If you have massive ambition and want to work on a hard problem, with a small team that moves fast, at a moment when the category is genuinely up for grabs - this is it. We're looking for a Security GRC Manager - Trust and Compliance, to own the systems, processes, audits, and customer-facing trust work that help Humaans scale into more demanding markets. This is a hands-on ownership role, built around AI. You'll run our security compliance programme throughout the year, not just during audit season. AI is how the work gets done here. It drafts policies, speeds up questionnaire responses, and keeps evidence current. You already use these tools daily and know how to get real leverage from them. You'll own the operating rhythm for frameworks like ISO 27001, SOC 1, SOC 2, HIPAA and future standards that matter to our customers. You'll keep evidence organised, controls running, policies up to date, vendors reviewed, risks visible, and audits moving smoothly. You'll also be close to revenue. You'll support Sales and Customer Success on security and compliance questions, help complete vendor security questionnaires, maintain reusable trust materials, and make sure enterprise buyers get accurate, fast, confidence-building answers. This role sits at the intersection of Security, Legal, Product, Engineering, Revenue, and Operations. You don't need to be the person configuring every system yourself, but you do need to understand how modern SaaS companies operate, ask sharp questions, drive action across teams, and keep the bar high. Focus / Ownership You'll own Humaans' security compliance programme end-to-end, including ISO, SOC 1, SOC 2, HIPAA and future frameworks we choose to pursue. You'll manage audit cycles throughout the year, coordinating with external auditors, internal control owners, Engineering, People, Legal, Finance and Operations. You'll maintain the controls, evidence, policies, risk register, access reviews, vendor reviews, business continuity processes, and incident response documentation that support our certifications and customer commitments. AI drafts and updates these artefacts and keeps evidence current year-round, not only at audit time. You'll support customer-facing trust work, including sales calls, security reviews, procurement processes, vendor questionnaires, RFPs, DPAs, subprocessors, data protection questions, and enterprise diligence. You'll build AI-assisted systems for answering repeated security questions quickly and accurately. The answer bank drafts responses. Trust collateral stays current. A review process holds quality as volume scales. You'll work with Product and Engineering to translate compliance requirements into practical operational controls without slowing the company down unnecessarily. You'll help the company make clear, risk-based decisions, escalating when something matters and cutting through noise when it doesn't. You'll raise the maturity of how Humaans thinks about security, privacy, risk, and customer trust as we move upmarket.

Requirements

• You have 4+ years of experience in security compliance, GRC, trust, audit, information security, privacy operations, or a closely related role.
• You've run or supported audits for frameworks such as SOC 2, ISO 27001, SOC 1, HIPAA, GDPR, or similar.
• You've used AI in security or compliance work and can speak to what you built and the outcome. Think drafting policies, speeding up questionnaire responses, or reviewing vendor documentation.
• You understand how modern B2B SaaS companies work, including cloud infrastructure, access management, vendor mana

Benefits

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at humaans? Share your experience