Modal은 Security GRC Specialist를 채용합니다. SOC 2, ISO 27001 등 컴플라이언스 프레임워크 운영 및 고객 보안 대응을 주도할 전문가를 찾습니다. 엔지니어링 팀과 협력하여 실용적인 보안 통제를 설계하고, 기술적 이해도를 바탕으로 비즈니스 성장을 지원하는 역할을 수행합니다. 3~7년 이상의 관련 경력을 보유한 분들의 많은 지원 바랍니다.
Every era of computing brought new workloads that previous infrastructure couldn't support: mainframes, databases, and the cloud. Each time, the company that rebuilt the layer underneath defined the decade. AI is no different, except it touches everything instead of one slice, and the window to build the layer underneath it is open right now.
Our customers include category-defining companies like Lovable, Ramp, Cognition, DoorDash, and Suno. They rely on Modal for instant GPU access, sub-second container starts, and native storage, so it's simple to serve low-latency inference, fine-tune models, and access production-ready sandboxes at scale.
We recently raised a $355M Series C at a $4.65B valuation, led by General Catalyst and Redpoint Ventures. We've crossed $300M+ ARR and grown fivefold since September.
Our team includes creators of popular open-source projects (e.g.,Seaborn,Luigi), academic researchers, international olympiad medalists, and experienced engineering and product leaders with decades of experience.
We’re looking for a hands-on Security GRC Specialist to own and scale our security and compliance programs while working closely with engineering and product teams. This role is central to building customer trust, enabling sales, and ensuring we meet evolving regulatory and security expectations without slowing down innovation.
You won’t just maintain compliance, you’ll help shape how we build secure systems.
Own and operate compliance frameworks (e.g., SOC 2, ISO 27001, GDPR, etc.)
Drive audits end-to-end: readiness, evidence collection, auditor coordination
Continuously improve controls and reduce compliance overhead through automation
Lead responses to customer security questionnaires, RFPs, and due diligence requests
Partner with Sales and Customer Success to unblock deals and build trust
Develop and maintain security documentation (trust center, whitepapers, FAQs)
Work directly with engineering teams to design and implement practical security controls
Translate compliance requirements into technical, scalable solutions
Identify gaps and drive remediation projects (not just report them)
Run risk assessments across systems, vendors, and processes
Maintain policies and standards, but keep them lightweight and actionable
Track and report on security posture and compliance status
Improve how we manage compliance (evidence collection, control mapping, automation)
Evaluate and implement GRC/security tools where appropriate
Core Experience
3–7+ years in security GRC, compliance, or security engineering-adjacent roles
Hands-on experience with frameworks like SOC 2, ISO 27001, or similar
Experience supporting audits and customer-facing security conversations
Comfortable working with engineers and understanding systems (cloud, infra, APIs, etc.)
Ability to translate between compliance language and technical implementation
Experience with modern cloud environments (AWS/GCP/Azure) is a strong plus
Proactive and hands-on—you drive changes, not just track them
Able to balance rigor with pragmatism in a fast-moving environment
Strong communication skills, especially with customers and cross-functional teams
Experience building or scaling a GRC program from early stages
Familiarity with automation in compliance workflows
Background in security engineering or DevOps
Compliance is a means to build trust, not the end goal
GRC should enable the business, not slow it down
The best candidates are technical, pragmatic, and collaborative