Security GRC Manager in London

Humaans is building the next generation of infrastructure for the workplace; software designed for companies that are scaling fast, operating globally, and pushing into new boundaries. We work with ambitious teams across Europe and the US, from AI-native companies to established, high-growth organisations scaling internationally and through acquisition.

We're looking for a Security GRC Manager - Trust and Compliance, to own the systems, processes, audits, and customer-facing trust work that help Humaans scale into more demanding markets. This is a hands-on ownership role, built around AI. You'll run our security compliance programme throughout the year, not just during audit season.

You'll own the operating rhythm for frameworks like ISO 27001, SOC 1, SOC 2, HIPAA and future standards that matter to our customers. You'll keep evidence organised, controls running, policies up to date, vendors reviewed, risks visible, and audits moving smoothly.

You'll also be close to revenue, supporting Sales and Customer Success on security and compliance questions, helping complete vendor security questionnaires, maintaining reusable trust materials, and ensuring enterprise buyers get accurate, fast, confidence-building answers.

This role sits at the intersection of Security, Legal, Product, Engineering, Revenue, and Operations. You don't need to be the person configuring every system yourself, but you do need to understand how modern SaaS companies operate, ask sharp questions, drive action across teams, and keep the bar high.

• You'll own Humaans' security compliance programme end-to-end, including ISO, SOC 1, SOC 2, HIPAA and future frameworks we choose to pursue.
• You'll manage audit cycles throughout the year, coordinating with external auditors, internal control owners, Engineering, People, Legal, Finance and Operations.
• You'll maintain the controls, evidence, policies, risk register, access reviews, vendor reviews, business continuity processes, and incident response documentation that support our certifications and customer commitments.
• You'll support customer-facing trust work, including sales calls, security reviews, procurement processes, vendor questionnaires, RFPs, DPAs, subprocessors, data protection questions, and enterprise diligence.
• You'll build AI-assisted systems for answering repeated security questions quickly and accurately.
• You'll work with Product and Engineering to translate compliance requirements into practical operational controls without slowing the company down unnecessarily.
• You'll help the company make clear, risk-based decisions, escalating when something matters and cutting through noise when it doesn't.
• You'll raise the maturity of how Humaans thinks about security, privacy, risk, and customer trust as we move upmarket.

• You have 4+ years of experience in security compliance, GRC, trust, audit, information security, privacy operations, or a closely related role.
• You've run or supported audits for frameworks such as SOC 2, ISO 27001, SOC 1, HIPAA, GDPR, or similar.
• You've used AI in security or compliance work and can speak to what you built and the outcome.
• You understand how modern B2B SaaS companies work, including cloud infrastructure, access management, vendor management, product development, customer data, and enterprise sales processes.
• You're comfortable being customer-facing and can join a sales call, answer security questions clearly, and give buyers confidence.
• You're strong at written communication, producing crisp policies, questionnaire responses, audit narratives, and internal guidance that people actually understand.
• You're organised and detail-oriented, keeping evidence, control owners, audit timelines, and customer commitments moving without dropping things.
• You're pragmatic, knowing the difference between meaningful risk reduction and compliance theatre.
• You can work across teams and hold a high bar without becoming a blocker.
• You're excited by a high-growth, high-ownership environment where the playbook is still being written.

• Experience in HR tech, fintech, healthtech, infrastructure, or another category where customer data and enterprise trust are central.
• Experience with security compliance platforms such as Vanta, Drata, Secureframe, Sprinto or similar.
• Experience reviewing DPAs, subprocessors, data residency questions, privacy documentation, and vendor contracts in partnership with Legal.
• Familiarity with US healthcare or HIPAA requirements.
• Experience building a trust centre, customer-facing security portal, or security questionnaire answer library.
• Experience supporting enterprise sales, procurement, RFPs, or security reviews.

• Within your first 90 days, you'll understand our current compliance posture, audit calendar, control owners, customer trust materials, and major gaps.
• Within six months, you'll have improved the operating rhythm of our compliance programme, reduced friction in sales security reviews, and made audits feel more predictable.
• Within twelve months, Humaans will have a more scalable trust function: stronger evidence, better controls, faster questionnaire turnaround, clearer ownership, and a security compliance programme that helps us win larger customers.

This is an in-person role. Our team comes together in the office Monday through Thursday, while most of the team collaborates in person on Mondays, Tuesdays, and Thursdays.

Market-leading compensation that reflects your value, 25 days paid time off each year plus public holidays, Share Options with 5-year exercise window, free Thursday lunches at HQ, quarterly team events, and company offsites, top tier private coverage for health, vision and dental care, a new MacBook and tools you need to do your best work, enhanced parental leave with up to 16 weeks for primary and 4 weeks for secondary, and a learning & development budget.

HR tech is having its AI moment and we’re positioned to own it. Humaans started as a next-gen HRIS taking on large incumbents in a massive market. We’ve since evolved into something even bigger: an AI platform that sits across workforce data and automates the operational layer of HR entirely.

We’re backed by Y Combinator, Lachy Groom, Moonfire, Frontline Ventures, and operators who’ve built some of the most consequential software companies of the last decade.

We’re a small team with an unapologetically high bar. It shows up in the product, in how we communicate, and in the standards we hold each other to.

At Humaans we’re looking for genuinely good people that are transparent and emphatic. We’re committed to providing equal opportunities, a diverse and inclusive work environment, and ensuring a fair interview process for everyone.

Privacy notice: We care about your privacy. When you apply for a role at Humaans, we’ll collect and process your personal data as part of our recruitment process.