Drata
Customer Success
Senior Compliance Advisor
“Senior Compliance Advisor at Drata. Skills: Compliance, Audits, Assessments, GRC. Advise customers on information security policies. Advise customers on control evidence”
What You'll Achieve.
Drive fast and smooth audit readiness programs; Create and deliver best practices in meeting requirements; Advocate on behalf of customers’ needs; Build trust and empathy with Drata’s customers; Advise them toward a continuous and self-sufficient security, risk and compliance posture; Deliver results; Immediate impact; Deliver value
What They're Looking For.
Must Have
- 4 - 6 years of experience in performing audits and assessments for compliance programs based on SOC 2 and ISO 27001/27002, background and understanding of GRC (Governance, Risk, and Compliance) programs, processes, functions, and operational teams, and helping organizations design, build, and operate their risk, security, and compliance programs
- Proven self-starter able to identify priorities, take ownership of work, and learn and advise on new compliance frameworks quickly
- An ability to develop and cultivate positive relationships with customers
- A proactive approach to managing your workload and day and ability to prioritize many different tasks and levels of responsibility
- Constant ability to iterate and improve upon existing processes
- An ability to work within a high-speed and high-volume environment
Nice to Have
- Exposure and experience in additional frameworks such as HIPAA, PCI, GDPR, CMMC, FedRAMP, CCPA, or other major compliance and controls regulations and frameworks
- Familiarity with GRC tools and/or cybersecurity hands-on experience with a GRC automation platform is a plus
- Previous experience at consulting, audit, and advisory firms or at GRC/cybersecurity technology companies is highly preferred
- Desire to work at a rapidly growing startup with a team-player mindset, building and creating something from the ground up
- Light technical fluency to accelerate evidence automation and customer enablement — comfort reading and interpreting API responses, working familiarity with at least one major cloud provider (AWS, GCP, or Azure) and its core security/IAM services, and/or basic scripting (Python, PowerShell, or SQL) to streamline repetitive evidence-collection tasks
- One or more industry certifications such as CISA, CISSP, CIPP/E or CIPP/US, CRISC, or ISO 27001 Lead Auditor / Lead Implementer
What You'll Do.
Advise customers on information security policies
Advise customers on control evidence
Advise customers on audit readiness
Lead end-to-end control mapping
Lead cross-framework crosswalk analysis
Serve as primary compliance expert
Lead development and present on GRC best-practices
Lead ongoing internal learning
Share knowledge through mentorship
Partner with Customer Success
Partner with Account Managers
Engage with Sales team
Respond to prospective customer questions
Host customer-facing webinars
Review marketing articles
How You'll Work.
Team & Collaboration
Work closely with all teams; Serve as primary compliance expert to members of our Customer Success teams; Partner with Customer Success and Account Managers; Engage with the Sales team
Communication Scope
Customer-facing meetings; Email; Internal presentations; Webinars
How to Apply on Ashby
- Ashby is a fast modern ATS — most applications take under 3 minutes.
- The resume parser is strong; verify parsed experience dates and job titles.
- Custom screening questions are often scored algorithmically — answer completely.
- Location field affects geo-based screening; use your actual metro area.