Security & Compliance Lead
About the role
We're looking for someone security-minded, product-aware, and high-energy enough to build the security function without turning it into a paperwork factory. You'll own security and compliance across product, cloud, engineering workflows, AI tools, agents, MCPs, vendors, and internal processes. The goal is simple: help us move fast, ship safely, and build trust without slowing the team down for no reason. This is for someone who can create practical guardrails, spot real risks, and make security feel like an advantage, not a blocker.
Responsibilities
- 🧿 Own security and compliance across product, engineering, cloud, vendors, and internal systems.
- 🗝️ Build practical security controls around auth, access, secrets, data privacy, infrastructure, and deployments.
- 🕹️ Create safe usage guidelines for AI tools, agents, MCP servers, tool calling, and automation workflows.
- 🧪 Run vulnerability management, security reviews, risk assessments, and incident response planning.
- 🧾 Drive compliance readiness for frameworks like SOC 2, ISO 27001, GDPR, or similar.
- 🧯 Help teams handle sensitive data properly, especially when using AI tools and third-party platforms.
- 🧠 Train the team on secure development, AI safety, privacy basics, and common attack patterns.
- 🪄 Bring a startup mindset: fast decisions, clear ownership, practical fixes, and no security theater.
Requirements
- 🕵️ Strong experience in security, compliance, risk, or application/cloud security.
- 🧰 Good understanding of OWASP, cloud security, IAM, secrets management, vulnerability scanning, CI/CD security, and incident response.
- 🗺️ Familiarity with compliance frameworks like SOC 2, ISO 27001, GDPR, HIPAA, or similar.
- 🧬 AI-native mindset: you understand the risks around AI tools, agents, MCPs, data leakage, permissions, and prompt/tool misuse.
- 🧊 Product-minded, practical, calm under pressure, and allergic to pointless bureaucracy.
Bonus Points
- 🏗️ You've built security/compliance programs from scratch at a startup.
- 🛰️ You've worked on AI governance, agent security, MCP security, or LLM data privacy.
- 🧲 You can automate security checks, compliance evidence, access reviews, or vendor reviews.
- 🏁 You've taken a company through SOC 2 or ISO 27001 successfully.
Additional Information
About PlayPower Labs
PlayPower Labs builds software for leading EdTech companies that serve millions of learners. We help our clients solve hard product and engineering problems so they can deliver better learner experiences through advanced technology, thoughtful design, and reliable execution. We've been fully remote since before COVID and plan to stay remote. We are US-based, with a development center in Gandhinagar, India.
What We Believe
We believe technology is a force multiplier for education. Great software can make learning more engaging, effective, personalized, and accessible for millions of learners worldwide. The future of education will be shaped by advanced online learning, AI, and education data, and we want to help build that future. Education data combined with AI is opening up new ways to create adaptive, personalized learning experiences. We're here to turn those opportunities into real products that learners, educators, and EdTech companies can actually use.