Attio is on a mission to redefine CRM for the AI era.

We’re building the first AI-native CRM — designed for the most ambitious go-to-market teams. We recently announced our $52M Series B (https://attio.com/blog/attio-raises-52m-series-b), led by GV (Google Ventures), with support from Redpoint, Balderton, Point Nine, and 01A. Our team thrives on solving complex technical challenges, delighting our users, and setting a new standard for the industry.

What you'll do

  • Enable trust and security at scale: Be a key enabler of Attio’s security and compliance foundations as we continue to scale rapidly. You’ll ensure our governance, risk, and compliance posture evolves in step with the business — protecting customer trust while enabling speed and growth.
  • Enable security certifications and frameworks: Own and operate Attio’s security governance frameworks (e.g. ISO 27001, SOC 2), ensuring controls are well-designed, embedded, and effective as the company grows.
  • Lead audits with confidence and clarity: Plan, coordinate, and lead external audits end-to-end, working cross-functionally across Attio and acting as the primary point of contact for third-party assessors and auditors.
  • Enable certification readiness and renewal: Drive programmes to maintain existing certifications and achieve new ones as required by the business, ensuring Attio remains enterprise-ready and trusted by customers.
  • Monitor, manage, and remediate risk: Identify, track, and remediate non-compliances and security risks, using appropriate tooling and pragmatic processes that scale with the organisation.
  • Enable customer trust through transparency: Own and maintain Attio’s customer-facing Trust Centre, and coordinate timely, high-quality responses to customer and prospect security questionnaires and trust-related requests.
  • Partner with vendors to strengthen security: Select and manage external vendors for penetration testing and security assessments, and lead remediation programmes to address findings effectively.
  • Collaborate cross-functionally to enable growth: Work closely with Security, Engineering, Product, Legal, Sales, and Customer teams to ensure security and compliance efforts are aligned, pragmatic, and enabling rather than blocking.

What we offer

  • Competitive salary of £105,000 to £125,000
  • Equity in an early-stage tech company on an incredible trajectory
  • 25 days holiday plus local public holidays
  • Apple hardware
  • Private medical insurance through AXA
  • Pension contribution through Hargreaves Lansdown
  • Enhanced family leave
  • Team off-site in fun places! (We've been to Barcelona, Lisbon, Malta, and Split so far)

What you’ll bring

  • Audit and certification experience: Proven experience leading certification and re-certification audits (e.g. ISO 27001, SOC 2), including preparation, execution, and remediation.
  • Strong security governance foundations: Hands-on experience designing, implementing, and operating security compliance programmes in line with recognised frameworks and standards.
  • Programme ownership mindset: A strong track record of managing complex, cross-functional programmes in fast-moving, high-growth environments.
  • Clear and credible communication: Able to explain security and compliance concepts clearly to technical and non-technical stakeholders, internally and externally.
  • Stakeholder-first approach: Comfortable partnering with teams across all levels of the organisation, balancing security requirements with business needs.
  • Comfort with ambiguity and change: Confident operating in evolving environments where processes and priorities are continuously maturing.