As Specright's Information Security & Compliance lead, you'll take the operational reins for our SOC 2 Type 2 program and broader security initiatives. Reporting to the CTO, you will design, implement, and manage security policies, vendor assessments, incident response, and compliance certifications-all while acting as our key liaison for customer security requests and audits.

Responsibilities

Maintain, update, and enforce all information security policies and procedures.
Drive SOC 2 Type 2 compliance, including readiness assessments, remediation, documentation, and audit coordination.
Evaluate and pursue additional frameworks where applicable.
Lead the RFP and security questionnaire process for customers, providing accurate, timely responses.
Conduct third-party vendor risk assessments and ongoing monitoring.
Develop and deliver internal security awareness training programs.
Oversee incident response planning, management, and quarterly drills.
Partner closely with Engineering, Product, and IT teams to embed secure development and deployment practices.
Stay current on regulatory and industry security trends, ensuring ongoing compliance.

Qualifications

7+ years in an infosec or compliance role within a SaaS or technology environment.
Hands-on experience with SOC 2 Type 2 (required); familiarity with ISO 27001, HIPAA, or NIST is a plus.
Strong understanding of cloud security principles (AWS, Azure, GCP).
Excellent written and verbal communication skills-comfortable interfacing with executive teams and external auditors.
Self-starter comfortable working independently in a high-growth startup environment.
Security certifications such as CISSP, CISM, or equivalent are preferred.

Why Join Us

Own a high-impact role that reinforces customer trust and supports our continued growth.
Collaborate directly with executive leadership and cross-functional teams.
Enjoy remote flexibility, competitive compensation, and robust benefits-including healthcare, 401(k) match, and professional development support.

About Specright

Specright offers cloud-based software (SaaS) for specification data management to Fortune 1000 companies with complex needs. Whether it's packaging, formulas or products, Specright helps companies reduce costs and empower efficiencies by sharing, analyzing and auditing specifications.

Specright is disrupting the $1 Trillion packaging acquisition and specifications industry. Our customers typically manage thousands to 10s of thousands of product SKU's. Currently, most rely on PDFs, spreadsheets, emails, phone calls and less than user-friendly ERP / PLM systems to manage all aspects of their specification needs--from procurement to quality assurance. We believe that access to accurate specification data, plus the intelligence to make data-driven decisions is critical in today's operating environment.

Although we are an early stage company, we have well-known companies as customers that believe what we believe. Companies like Dow Chemical, Johnson & Johnson, Flowers Foods (Wonder Bread, Nature's Own), The Wonderful Company (FIJI Water), and Starbucks trust us with their critical specification information, and rely on us to help them access the full power of that information to operate more efficiently.

Specright has a deep bench of product and packaging experts, and experienced technologists. Leadership has grown and sold successful packaging and technology companies, raised multiple rounds of VC capital including two rounds for Specright from select and prominent VC groups--we are well-funded and backed by some of the best.

Location

Remote, US.

Culture

We are an energetic company with an entrepreneurial, versatile, intelligent, and fast-paced culture. We promote an open and relatively flat organization with an emphasis on collaboration, sharing ideas and information. It's more important to innovate, then worry about making mistakes.

Benefits

Competitive salaries
Flexible work hours
Full benefits package that includes Medical, Vision,& Dental

See more open positions at Specright

Privacy policy Cookie policy