Filevine
Filevine4h ago
New
USD 190000–210000/yr

Head of Trust and Secirty

United StatesUnited States·Salt Lake CityRemoteFull-timeexecutive
OtherHead
0 views0 saves0 applied

Quick Summary

Overview

Filevine is a Legal AI company delivering Legal Operating Intelligence for the future of legal work. Grounded in a singular system of truth, Filevine brings together data, documents, workflows,

Technical Tools
OtherHead
Filevine is a Legal AI company delivering Legal Operating Intelligence for the future of legal work. Grounded in a singular system of truth, Filevine brings together data, documents, workflows, and teams into one unified platform—where modern legal work happens with clarity and consistency.
 
Powered by LOIS, the Legal Operating Intelligence System, Filevine connects context across every matter to transform legal operations from reactive to proactive. LOIS reads, understands, and reasons across your data to surface insight, automate complexity, and give professionals the clarity and confidence to see more, know more, and do more. Fueled by a team of exceptional collaborators and innovators, Filevine’s rapid growth has earned AI awards and recognition from Deloitte and Inc. as one of the most innovative and fastest-growing technology companies in the country.

The Head of Trust, Security Compliance, Privacy & FedRAMP is a senior leadership role accountable for Filevine’s highest-trust security, compliance, privacy, and government authorization initiatives. This leader owns the operating system that turns regulatory obligations, customer commitments, security risk, and privacy requirements into prioritized, shipped work across Engineering, Security, Product, Legal, Sales, and Customer-facing teams.

This is not a coordinator role. The leader will own Filevine’s FedRAMP 20x Moderate strategy and execution, with dedicated engineering resources assigned specifically to FedRAMP compliance. They will set the compliance engineering roadmap, define evidence and automation requirements, drive cross-functional execution, and hold stakeholders accountable for measurable outcomes.

The first mission for this role is to accelerate Filevine’s FedRAMP 20x Moderate readiness and ongoing compliance posture as meausered by booked ARR, logos closed, pipeline conversion and customer adoption. This includes evidence automation, control implementation, continuous monitoring, vulnerability and remediation governance, POA&M discipline, 3PAO and FedRAMP PMO engagement, agency-facing readiness, and executive-level risk reporting.

Beyond FedRAMP, this leader owns Filevine’s broader trust and compliance stack, including security compliance, privacy operations, customer trust commitments, audit readiness, and the internal processes that keep these programs scalable. They must be able to operate at both strategic and execution levels: translating regulatory frameworks into technical work, aligning leaders around risk-based priorities, and communicating clearly with executives, auditors, customers, and engineering teams.

Operating in a hypergrowth legal-tech and AI environment, the role requires technical judgment, executive presence, strong prioritization instincts, and the ability to build durable compliance systems rather than one-time audit artifacts.

  • Own Filevine’s FedRAMP 20x Moderate strategy, delivery plan, certification readiness, and ongoing compliance posture.

  • Lead the design and execution of FedRAMP evidence automation, continuous monitoring, and reporting required for Marketplace certification and sustained authorization.

  • Serve as the single-threaded owner for FedRAMP engagements with 3PAOs, the FedRAMP PMO, agency stakeholders, and internal executive sponsors.

  • Set the roadmap and priorities for dedicated FedRAMP engineering resources, ensuring regulatory requirements become shipped technical controls, automated evidence, and operationally sustainable processes.

  • Own POA&M governance, risk acceptance workflows, certification readiness reporting, and remediation planning across product and platform teams.

  • Ensure FedRAMP implementations are pragmatic, risk-based, technically grounded, and appropriately scoped for Filevine’s architecture, maturity, and business priorities.

  • Provide clear, consistent executive reporting on progress, risk, tradeoffs, dependencies, resourcing needs, and certification readiness.

  • Own the operating model for Filevine’s security compliance and trust programs across FedRAMP, SOC 2, ISO, HIPAA, PCI-DSS, customer security commitments, and related frameworks.

  • Partner with the CISO, Security Engineering, Product, and Infrastructure leaders to convert compliance obligations and security findings into prioritized engineering work.

  • Drive governance for vulnerability findings from scanning tools, penetration tests, customer reviews, audits, and bug bounty programs, including risk adjustment, remediation ownership, escalation, and executive tradeoff decisions.

  • Maintain a single source of truth for security/compliance status, control gaps, remediation commitments, and customer-facing trust claims.

  • Ensure trust center materials, customer security responses, sales enablement messaging, and public compliance claims are accurate, current, and defensible.

  • Own Filevine’s operational privacy program in partnership with Legal, Security, Product, Marketing, and Engineering.

  • Oversee privacy tooling and workflows, including consent management, cookie compliance, data subject request operations, data mapping, subprocessors, retention, and privacy-by-design review processes.

  • Translate privacy obligations and customer commitments into product, engineering, and operational requirements.

  • Partner with Legal on DPAs, subprocessors, customer privacy commitments, and regulatory changes that affect Filevine products and data practices.

  • Support AI and data governance efforts by ensuring privacy, security, and customer trust requirements are reflected in product and operational decisions.

  • Translate security, compliance, FedRAMP, and privacy requirements into roadmaps, epics, milestones, and prioritized engineering work.

  • Batch, sequence, and present initiatives through Agile ceremonies, planning forums   for prioritization against company-wide initiatives.

  • Define success metrics, delivery milestones, ownership models, and operating cadences across long-running, multi-quarter initiatives.

  • Drive alignment between compliance goals, engineering capacity, product strategy, customer commitments, and business risk.

  • Partner with engineering leaders to scope work deeply enough that teams understand the control objective, technical requirement, evidence expectation, and business priority.

  • Drive alignment across Engineering, Product, Security, Legal, Compliance, Sales, Marketing, Customer Success, and executive leadership teams.

  • Clearly communicate scope, sequencing, dependencies, risks, and tradeoffs across a large and evolving portfolio of work.

  • Continuously rebalance priorities in response to customer demands, federal market requirements, audit findings, product strategy, and changing risk posture.

  • Lead change management efforts to embed security, privacy, compliance, and FedRAMP requirements into Filevine’s operating model and product culture.

  • Escalate effectively when tradeoffs require executive decision-making, budget, staffing, or scope changes.

  • Bachelor’s degree or equivalent practical experience.
    • 10+ years of experience in security compliance, GRC, product/program leadership, privacy, trust, or related roles within SaaS, cloud, or high-trust technology environments.

    • Direct ownership of FedRAMP Moderate, FedRAMP High, FedRAMP 20x, or a comparable federal cloud authorization program.

    • Proven experience translating regulatory, security, and privacy requirements into technical implementation plans with engineering teams.

    • Experience leading complex, cross-functional initiatives with executive visibility, ambiguous requirements, and multi-quarter delivery timelines.

    • Experience partnering with security engineering, infrastructure, product, legal, audit, and customer-facing teams.

    • Deep knowledge of FedRAMP, NIST 800-53, FedRAMP 20x automation concepts, continuous monitoring, POA&M governance, 3PAO engagement, and federal cloud authorization workflows.

    • Strong working knowledge of security and compliance frameworks such as SOC 2, ISO 27001, HIPAA, PCI-DSS, and customer security review processes.

    • Strong working knowledge of privacy operations, consent management, data governance, DSR workflows, subprocessors, DPAs, retention, and privacy-by-design practices.

    • Ability to translate regulatory and security requirements into actionable, value-driven product and engineering work.

    • Strong product and program management expertise, including roadmap development, prioritization, milestone definition, and executive reporting.

    • Pragmatic, analytical approach to risk management and decision-making in fast-paced environments.

    • Excellent stakeholder management, written communication, and executive presence.

    • Comfort operating with dedicated engineering resources while remaining accountable for prioritization, clarity, outcomes, and risk-based tradeoffs.

    Nice to Have

    ~2 min read
    • Experience with FedRAMP 20x, evidence automation, GRC engineering, compliance-as-code, or continuous control monitoring.

    • Experience supporting federal, state, healthcare, insurance, legal, or other regulated enterprise customers.

    • Certifications such as CISSP, CISM, CISA, CRISC, PMP, or similar are a plus.

     
    Filevine is an Equal Opportunity Employer. Qualifications for employment, promotion and other terms and conditions of employment are based upon the ability to perform the job. Equal-employment opportunities are provided to all applicants and employees without regard to race, creed, religion, color, age, national origin, sex, disability, veteran status, or other legally protected class. Filevine is committed to providing reasonable accommodations for qualified individuals with disabilities. If you need assistance or accommodation due to disability, or if you have concerns related to Filevine’s equal employment opportunities, you may contact us at legal@filevine.com
     
    Cool Company Benefits:
    - A dynamic, rapidly growing company, focused on helping organizations thrive 
    - Medical, Dental, & Vision Insurance (for full-time employees)
    - Competitive & Fair Pay
    - Maternity & paternity leave (for full-time employees)
    - Short & long-term disability
    - Opportunity to learn from a dedicated leadership team
    - Top-of-the-line company swag
     
    Privacy Policy Notice
    Filevine will handle your personal information according to what’s outlined in our Privacy Policy.
     
    Communication about this opportunity, or any open role at Filevine, will only come from representatives with email addresses using "filevine.com". Other addresses reaching out are not affiliated with Filevine and should not be responded to.
     

    Location & Eligibility

    Where is the job
    Salt Lake City, United States
    Remote within one country
    Who can apply
    US

    Listing Details

    Posted
    July 9, 2026
    First seen
    July 9, 2026
    Last seen
    July 9, 2026

    Posting Health

    Days active
    0
    Repost count
    0
    Trust Level
    87%
    Scored at
    July 9, 2026

    Signal breakdown

    freshnesssource trustcontent trustemployer trust
    Filevine

    Filevine is a cloud-based legal technology company providing case management, document management, and automation tools for law firms and legal departments. [1, 4, 30] It aims to simplify and elevate complex legal work. [5, 19]

    Employees
    750
    Founded
    2015
    View company profile
    Newsletter

    Stay ahead of the market

    Get the latest job openings, salary trends, and hiring insights delivered to your inbox every week.

    A
    B
    C
    D
    Join 12,000+ marketers

    No spam. Unsubscribe at any time.

    FilevineHead of Trust and SecirtyUSD 190000–210000