Senior Security Assurance Manager

About UsRed Cell Partners is an incubation firm building and investing in rapidly scalable technology-led companies that are bringing revolutionary advancements to market in three distinct practice areas: healthcare, cyber, and national security. United by a shared sense of duty and deep belief in the power of innovation, Red Cell is developing powerful tools and solutions to address our Nation’s most pressing problems.About TraseCo-founded in 2023 by Joe Laws and Grant Verstandig, Trase Systems is AI, Uncomplicated. Trase empowers enterprise leaders to harness the full potential of AI without the associated complexity and risks. We are an end-to-end solution for deploying, managing, and optimizing AI in the enterprise. Our platform specializes in bridging the “last mile” of AI adoption, unlocking AI's full potential while driving efficiency and significant cost savings.Trase is at the forefront of AI Agent innovation, topping the Hugging Face GAIA Leaderboard for Generalized AI Assistants, ahead of industry giants such as Google, Meta, Microsoft, and OpenAI. We are leveraging our cutting-edge technologies to develop mission-critical agentic applications in complex industries such as Healthcare, Oil & Gas, and National Security.About the RoleAs the Senior Security Assurance Manager, you will own the strategic governance backbone of Trase's Security and Compliance program, implementing and overseeing the processes, policies, and controls that allow us to operate safely and credibly in highly-regulated markets.You will define and steward Trase's security policies and procedures, lead internal and external audits, and conduct comprehensive risk assessments across the organization. You will be the primary owner of our SOC 2 and HIPAA programs and champion of our broader GRC functions (e.g., risk management, policy documentation, control design, continuous monitoring, etc.).This is a player-coach role. You will operate hands-on across contexts and stakeholder groups while building the team, processes, and tooling that allow Trase's governance capabilities to scale alongside the business.Why This Role ExistsTrase is rapidly solving mission-critical challenges in some of the most highly regulated markets in the world, where customer trust and assurance are non-negotiable. As we grow our global footprint and our compliance landscape evolves, we need a senior leader who can scale our security and compliance posture so that it is always a core tenet of who we are and what we deliver.This role is an investment in the next chapter of Trase security assurance. It is aimed at maturing our continuous monitoring and control frameworks, sharpening how we manage enterprise risk, and ensuring that our combined security capabilities continue to build trust and unlock net-new opportunities.ResponsibilitiesCompliance Program OwnershipOwn and operate Trase's SOC 2 and HIPAA programs end-to-end, including scoping, control design, evidence collection, and remediation tracking.Lead readiness and execution for additional frameworks as Trase enters new markets, including ISO 27001, FedRAMP, NIST 800-53, CMMC, and ISO 42001.Manage the full lifecycle of internal and external audits, serving as the primary point of contact for auditors, assessors, and regulators.Governance, Risk & Control DesignMaintain Trase's enterprise risk register, conducting recurring risk assessments across people, process, and technology.Design, document, and operationalize security policies, standards, and procedures aligned to industry frameworks and Trase's risk appetite.Own our common control framework in Drata, monitoring and refining controls across overlapping regimes to minimize duplication and audit burden.Continuous Monitoring & Control AssuranceShift Trase's compliance posture from reactive to proactive by implementing continuous control monitoring, automated evidence collection, and recurring control testing.Define KRIs, KPIs, and reporting cadences that give leadership real-time visibility into the health of the security program.Identify control gaps, perform root cause analysis, and drive remediation in partnership with control owners across the enterprise.Vendor & Third-Party RiskEnhance and operate Trase's third-party risk management program, including vendor security reviews, ongoing monitoring, and contractual security requirements.Partner with Legal to ensure DPAs, BAAs, and security addenda meet regulatory and customer requirements.Customer Trust & Sales EnablementServe alongside other subject matter experts or leaders, as a senior representative in customer security reviews, RFPs, and prospect-facing trust conversations.Maintain trust collateral (SOC 2 reports, security questionnaires, trust portal content) and reduce friction in customer due diligence.Translate customer and regulator expectations into actionable program requirements.Cross-Functional PartnershipPartner closely with peers within Trase Security and Compliance, Engineering, and