About

We’re a growing startup that needs to get audit-ready across multiple compliance frameworks: GDPR, SOC 2 Type II, ISO 27001, and HIPAA. We’re using a compliance automation platform (such as Vanta, Drata, TrustCloud, or Secureframe) and need an experienced consultant to help us with: Setting up and connecting integrations (AWS/GCP/Azure, GitHub, Jira, Google Workspace/Okta, Slack, HR tools, etc.) Drafting and tailoring policies and procedures for GDPR, SOC 2 Type II, ISO 27001, and HIPAA requirements Preparing and organizing evidence collection for each framework Advising on risk assessments, data protection practices, and vendor due diligence Coordinating penetration test requirements and integrating results into our platform Creating a handoff playbook so our internal team can maintain compliance long-term