Security & Compliance Manager
Job Title: Security & Compliance Manager
Location: Downtown Boston, MA
Compensation: $137K + 15% Bonus and Full Benefits package day one
As we scale, we are strengthening our governance, risk, and compliance capabilities to protect our customers, data, and systems. We are seeking a Security & Compliance Manager to lead our compliance, risk management, and privacy initiatives while enabling teams across the organization to meet evolving regulatory requirements.
You’ll work closely with our Infosec, IT, Legal, Operations, and Engineering teams to mature our compliance programs — starting with CCPA readiness and maintaining PCI DSS SAQ Level 3 compliance — while preparing for future frameworks such as SOC 2.
You’ll serve as a trusted advisor to stakeholders, providing clear, actionable guidance on the risk, security, and compliance implications of product and business decisions. Your insights will help teams make informed choices that balance innovation with regulatory and security requirements.
This is a high-impact, cross-functional role where you’ll help define policies, select and implement a GRC platform, guide audits, and build scalable processes that make security and compliance part of our culture.
What you will do:
Compliance Program Leadership – Own and mature the company’s compliance programs, including CCPA, PCI DSS, and emerging privacy/security regulations.
Risk Management – Identify, assess, and monitor risks; partner with stakeholders to ensure mitigations are implemented and effective.
Advisory & Stakeholder Support – Act as a subject matter expert for stakeholders across Product, Engineering, Legal, and Operations, providing guidance on the risk, privacy, and compliance consequences of product features, architecture decisions, and vendor selections.
Privacy & Regulatory Alignment – Implement and maintain privacy policies, data handling standards, and processes to meet CCPA and other applicable privacy laws.
Cross-Functional Collaboration – Partner with Infosec, IT, Legal, Operations, and Engineering to align compliance efforts with business goals.
GRC Platform Implementation – Select and roll out a governance, risk, and compliance platform to centralize policies, controls, and audit workflows.
Policy & Process Development – Draft, maintain, and communicate security and compliance policies, standards, and playbooks.
Audit & Assessment Management – Lead internal/external audits and vendor risk assessments; coordinate evidence collection and reporting.
Training & Awareness – Develop and deliver compliance and security awareness training to employees.
Metrics & Reporting – Track compliance KPIs and report progress to leadership.
What We’re Looking For:
6+ years of experience in compliance, governance, or information security roles, with at least 3+ years in a management or lead capacity.
Hands-on experience with privacy and security frameworks such as CCPA, PCI DSS, SOC 2, GDPR, etc.
Familiarity with compliance automation/GRC platforms (e.g., Drata, Vanta, OneTrust) and ticketing/documentation tools (e.g., Jira, Confluence, SharePoint).
Strong understanding of cloud security concepts and how they intersect with compliance requirements.
Proven track record of leading audits, vendor assessments, and regulatory readiness programs.
Excellent communication and stakeholder management skills, with the ability to influence across functions.
Self-starter with the ability to thrive in a fast-paced, scaling environment.
Why You’ll Love Working Here:
Join a diverse and passionate team in a flexible and innovative work environment.
Contribute to the success of the world's leading car-sharing network.
Your ideas and input will always be valued—we encourage creativity and the use of new tools.
What tops off the tank:
Rest & Relax! Flexible PTO and Sick time
Save for Your Future! 401(k) with company match from day one of hire
Benefits: Excellent, low-cost healthcare coverage including medical, dental, and vision, with eligibility from day one
Drive a Flexcar! Discounted employee rate on Flexcar products and no annual membership fee
Weekly Pay
and other amazing perks!
We are fiercely disrupting the concept of automobile ownership
Flexcar is completely reimagining car ownership. We offer the world’s first month-to-month car lease, with insurance and maintenance included. Members can swap cars anytime as their needs change, without the commitment or hassle of traditional car ownership. By combining operational expertise with technology, data, and AI, we’re transforming every aspect of the customer journey and delivering a more affordable, flexible, and hassle-free alternative to buying or leasing.
Disclaimer: This job description may not be inclusive of all assigned duties, responsibilities, or aspects of the job described, and may be amended at any time at the sole discretion of the Employer.
Flexcar is an Equal Opportunity Employer and prohibits discrimination and harassment of any kind. Flexcar provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.