Why This Job is Featured on The SaaS Jobs
In SaaS—particularly security-focused SaaS—risk and compliance functions increasingly sit at the center of how products are sold, deployed, and trusted. This Head of Risk and Compliance role stands out because it is positioned to build a global program that connects cybersecurity realities with enterprise governance expectations, with direct linkage into the CISO organization and visibility into board-level reporting.
For a long-term SaaS career, the work offers durable leverage: designing an ERM framework, operationalizing a risk register and metrics cadence, and translating standards into repeatable controls. Experience spanning SOC 2, ISO, FedRAMP, GDPR, and vendor risk management tends to travel well across B2B SaaS, where customers and regulators often shape roadmap, procurement, and incident readiness as much as engineering does.
The role is best suited to a leader who prefers systems-building over incremental compliance maintenance, and who is comfortable influencing across technical and business stakeholders. It will fit someone who enjoys balancing quantitative risk analysis with clear executive communication, and who wants a hybrid, office-linked operating model rather than a fully distributed setup.
The section above is editorial commentary from The SaaS Jobs, provided to help SaaS professionals understand the role in a broader industry context.
Job Description
Employment Type
Full time
At Semperis, our mission is to be a Force for Good. Starting with being a great place to work. We believe that when people feel valued, supported, and empowered, they do their best work. That’s why we focus on creating an employee experience rooted in purpose, growth, and balance. Semperis has been recognized as one of America’s Fastest-Growing Cybersecurity Companies by the Inc. 5000, a DUNS 100 Top Startup to Work For, and a multi-year Inc. Best Workplace awardee.
What We Are Looking For:
Semperis is seeking a strategic and forward-thinking Head of Risk to build and lead our global risk and compliance management function.
About the Role
Reporting to the Deputy CISO, you’ll be responsible for designing, implementing, and continuously improving the company’s enterprise risk management (ERM) framework and compliance frameworks, ensuring that security, compliance, and business resilience are embedded into how we operate.
This role requires a leader who can balance technical depth with business acumen—someone who understands cybersecurity risk, regulatory expectations, and operational realities, and can translate that into actionable programs across the organization.
**Hybrid in either Dallas, TX or Hoboken, NJ
What You’ll Be Doing
Collaborate with different stakeholders to identify, assess, and mitigate operational, cybersecurity, and compliance risks.
Own and evolve the company’s risk register, metrics, and reporting cadence, providing transparent insights to the CISO, senior leadership, and board committees.
Manage and lead the company’s compliance frameworks including ISO, Common Criteria, FedRamp, SOCII, GDPR, and more.
What You’ll Bring
7+ years of experience in enterprise risk management, cybersecurity, or information assurance, with at least 5 years in leadership capacity.
Strong understanding of cybersecurity frameworks, operational risk, business continuity, and compliance programs.
Familiarity with standards and regulations such as NIST, ISO 27001, SOC 2, GDPR, DORA, and NIS2.
Relevant certifications preferred: CRISC, CISSP, CISM, CISA, ISO 27005 Risk Manager, or equivalent.
Why Join Semperis?
You’ll be part of a global team on the front lines of cybersecurity innovation. At Semperis, we celebrate curiosity, integrity, and people who take initiative. If you’re someone who sees the glass as half full, embraces challenges as growth opportunities, and values a healthy balance between work and life—we’d love to meet you.
**Semperis maintains office locations in several cities across the globe. Candidates who reside within 45 miles of one of our offices—or where the job description specifies a required location—will follow our hybrid work model. This includes working onsite three days per week and remotely the remaining days.
Semperis is an equal opportunity employer and will not discriminate against an applicant or employee based on race, color, religion, creed, national origin or ancestry, ethnicity, sex (including gender, pregnancy, sexual orientation, and gender identity), age, physical or mental disability, veteran or military status, genetic information, citizenship, marital status, or any other legally recognized protected basis under federal, state, or local law. The information collected by the Semperis application is solely to determine suitability for employment, verify identity, and maintain employment statistics.
Applicants with disabilities may be entitled to reasonable accommodation under the Americans with Disabilities Act and/or other applicable state or local laws. A reasonable accommodation is a change in the way things are normally done which will ensure an equal employment opportunity without imposing undue hardship on Semperis. Please inform Semperis representative Anna Taylor, Director of Global Recruiting, if you need assistance completing this application or to otherwise participate in the application process.
