Security and Compliance Director
AI Co-Worker Agent Platform
Location: Remote
Type: Full-Time | Equity Eligible
About Subatomic
Many AI efforts stall due to poor workflow fit and security or integration gaps. At Subatomic, we’ve built a platform designed to solve these challenges head-on. Our AI Co-Workers operate inside the tools people already use—email, chat, Docs—and integrate across business systems like CRM and ERP. With human-in-the-loop controls, modular and LLM-agnostic design, and secure deployment options, we help organizations adopt AI without disruption, compromise, or risk.
Subatomic is different because our AI adapts to each customer: AI Your Way. We don’t replace people—we collaborate with them. Our AI Co-Workers deliver measurable results from day one, with clients ranging from Fortune 500 companies to high-growth startups. From legal teams cutting contract reviews from weeks to minutes, to service technicians automating field reports, to financial advisors scaling personalized client engagement, Subatomic is proving every day that AI can create real business value.
Joining Subatomic means being part of a fast-moving startup at the forefront of this category-defining shift. We’re not looking for traditional technical leaders—we’re looking for entrepreneurial innovators who utilize AI-first principles to improve our adherence to and evolve key Security and Compliance focal areas with adaptability and resilience as core product table stakes.
The Role
Coming off a recent $7M seed investment, we continue to expand our reach into sectors requiring stringent regulatory adherence, and seek a seasoned Security and Compliance Director to enhance our team. This role is crucial in ensuring that our products not only meet but exceed the regulatory standards required by our clients and governing bodies.
As a Security and Compliance Leader, you will be a key technologist with engineering expertise and will be instrumental in embedding compliance and security into the fabric of our product development lifecycle. With a deep understanding o FINRA, SOC2, OWASP LLMs 2025, NIST CSF 2025, CIS Azure Benchmark v1.0.0, ISO 27001controls, you will support the integration of these standards into our engineering processes, ensuring that our products are secure, compliant, and trustworthy. Your expertise will not only involve technical implementations but also extend to creating comprehensive documentation and automated processes to support compliance activities.
This role is responsible for safeguarding the organization’s systems and platforms, networks and data across all geographies, ensuring regulatory and operational compliance, and building a modern, resilient security architecture that enables innovation. It will also play a strategic role in exploring opportunities to transform security into a differentiator and maybe become a potential revenue stream for Subatomic AI in the future. This position will report directly to our Chief Technology Office (CTO).
Key ResponsibilitiesEnterprise Strategic Leadership
- Define and drive the enterprise-wide information and cyber security strategy across the company, with a vision to make Subatomic AI one of the most secure and trusted global companies
- Oversee all aspects of security operations, governance, architecture, engineering and incident response to protect systems, networks, and our data
- Lead the modernization and simplification of the security environment to support Subatomic AI’s digital transformation agenda. Keep us secure but allow us to innovate
- Embed “secure-by-design” principles into software development, infrastructure provisioning, and vendor management
- Collaborate with technology and business leaders to integrate security considerations into digital initiatives, cloud strategies, emerging technologies, and operational processes
Risk and Compliance
- Fully own the global cyber risk management framework, aligning with regulatory requirements and business risk appetite
- Ensure compliance with international data privacy and security regulations across all operating regions, as necessary given Subatomic client geographical reach
Security Culture & Stakeholder Engagement
- Champion a proactive security culture across Subatomic AI’s global workforce, including training, education, and executive engagement
- Work closely with product, engineering, legal, and operations teams to ensure security is embedded across the enterprise
- Serve as a key advisor to the executive leadership team and the Board of Directors on cyber resilience and emerging threats
Technology and Innovation
- Build a scalable, automated, cloud-native security architecture to support Subatomic AI’s digital and platform strategy
- Partner with the CTO functions to drive DevSecOps adoption and enable secure product delivery at speed
- Bring an innovation and techno-commercial mindset around security to help build our security solutions as an AI Platform service, with a potential to allow Subatomic AI to monetise it in future, should we choose to.
Detailed Responsibilities
- Compliance Integration: Build control and evidence automation to lessen the compliance burden. Aid in design and implementation of FINRA, SOC2, OWASP LLMs 2025, NIST CSF 2025, CIS Azure Benchmark v1.0.0, ISO 27001 controls into the product development lifecycle. Ensure that all product features meet the rigorous compliance standards necessary for highly regulated industries.
- Documentation and Audit Support: Create security and privacy control focused engineering specifications, user documentation, and other technical artifacts that convey compliant technical implementations. Ensure clarity and accessibility of documentation for both technical and non-technical stakeholders. Create and maintain compliance evidence for internal and external auditors.
- Continuous Improvement: Stay abreast of developments in regulatory standards and compliance best practices, with specific focus in Subatomic primary verticals and domains. Recommend and implement improvements to reduce the cost of compliance on teams.
- Risk Assessment: Continuously assess risk as part of the product change management process. Prioritize and address potential compliance gaps in collaboration with risk management and security teams.
You Might Be a Fit If You Are:
- A proven entrepreneur with an appetite for precision who thrives in generating secure, compliant solutions in high-regulatory environments.
- Comfortable in early-stage settings—iterating in real time, and wearing many hats.
- Familiar with AI, automation —especially where technical depth and key security and compliance requirements intersect.
Requirements
- Bachelor of Computer Science, Bachelors of Information Security, or equivalent
- 10+ years of experience in information security or equivalent and 5+ years of experience with delivering automation projects
- 3-5 years of experience in creating data pipelines to automate internal compliance control measurement using system data and reports, and creating compliance dashboards to monitor implementation status.
- 3-5 years of experience in developing custom scripts to apply logic to test whether custom conditions are met as a means to measure control design and implementation status
Preferred Qualifications
The qualifications below are ideal. We encourage candidates to apply if they satisfy some, but not all of these qualifications.
- Working knowledge of compliance regulations, such as OWASP LLMs 2025, NIST CSF 2025, CIS Azure Benchmark v1.0.0, ISO 27001, and other federal and commercial regulations and compliance programs
- Experience running program and project management initiatives (e.g. organization-wide initiatives, large scale integration management)
- Expertise in software development or security engineering.
- Experience communicating complex concepts and developing communications for a wide variety of both technical and non-technical audiences
- Experience influencing the design of new product and updated products and features to represent security interests and outcomes
- Demonstrated success collaborating with cross-functional teams to drive results
- Demonstrated experience orienting towards solutions in the context of competing perspectives
- Capability to analyze software development processes, identify compliance risks, and propose practical solutions to mitigate these risks while ensuring business objectives are met
- Experience conducting root cause analysis, developing corrective action plans based on findings, and influencing stakeholders to adopt solutions
- Experience creating compliance documentation, such as procedures, process flow diagrams, threat models, and risk assessments
- Demonstrated skills creating team-specific software development guidance to enable secure, rapid delivery of products and services
- Strong commitment to continuous learning to stay up to date on industry trends, technologies, and best practices
- CISSP or equivalent
- Strong technical background, including experience in a variety of software development environments and methodologies
- Experience architecting Agentic AI solutions
- Experience building system and mechanisms to create a data pipeline of information used to monitor control status, and create control measurement used to verify implementation status
- Experience building mechanisms to detect change conditions to enable change control process
- Working knowledge of AI tools that enhance one’s own productivity in this type of role
What We OfferCompensation
- Base salary
- Competitive benefits package including equity eligibility
Benefits of the Role
- Fully remote work with flexible hours and a results-driven culture
- Work directly with the founders to shape our Security and Compliance Strategy
- Supporting a Proven platform with real customer results, testimonials, and in-market traction
- A front-row seat to the future of AI-enabled work—and the opportunity to ensure compliant products that will truly transform businesses.
