Director of Information Security

WHO WE ARE

GridUnity is the industry leader in interconnection life cycle management, delivering cutting-edge software solutions that eliminate bottlenecks in the interconnection process and accelerate the transition to a more affordable, sustainable, and resilient energy future.

Our Mission

We unite all grid interconnection stakeholders on a single platform that converts centralized data into actionable intelligence and accelerates the transition to a reliable, sustainable, and cost-efficient electric grid.

GridUnity is a trusted partner to leading utilities, grid operators, and policymakers. Our technology solutions tackle the interconnection queue backlog by significantly reducing processing times. Whether cutting transmission interconnection timelines from years to months or enabling distribution applications to be processed within a day, we help accelerate energy projects at every scale.

Our Vision
Energizing the planet with a faster, smarter, and more sustainable grid.

WHAT YOU’LL DO

As the Director of Information Security, you will build and lead a comprehensive security and compliance program that protects the company’s information, systems, and customer data This role will serve as both the strategic leader and operational owner of GridUnity’s security posture, responsible for governance, risk, compliance, and customer assurance. You will evolve our security program from audit readiness to security maturity—building systems, processes, and culture that embed security into how we operate. This role ensures the organization is audit-ready, resilient to risk, and trusted by customers and partners, while enabling the business to move quickly and innovate safely. This role reports to the VP of Operations.

PRIMARY RESPONSIBILITIES

Security Program Leadership

• Develop and lead the company-wide information security strategy aligned to business goals. (Annual planning; ongoing oversight)

• Establish and manage the risk management program, including regular reporting to executive leadership. (Quarterly reporting; ongoing monitoring)

Audit & Compliance Ownership

• Own SOC 2 Type 2, NIST 800-171, and other required audits end-to-end. (Annual; intensive during audit windows)

• Serve as the primary point of contact for auditors and ensure continuous audit readiness. (Ongoing)

Governance & Risk Management

• Maintain and evolve security policies, standards, and controls, including AI/LLM governance. (Quarterly review; updates as needed)

• Lead incident response planning and periodic tabletop exercises. (Annual/Semi-Annual)

Security Oversight & Business Partnership

• Partner with Engineering to ensure secure architecture, SDLC, and cloud security practices. (Ongoing)

• Oversee vulnerability management, access controls, and vendor risk management. (Ongoing)

• Lead customer security assurance efforts, including questionnaires and enterprise security discussions. (As needed)

WHAT YOU’LL BRING

• 8+ years of experience in information security, risk, or compliance

• 3+ years leading security programs and external audits (SOC 2, NIST, ISO, or similar)

• Strong working knowledge of cloud security, risk management frameworks, IAM, and secure SDLC practices

• Demonstrated experience serving as primary audit owner and interfacing with auditors

• Excellent written and verbal communication skills, including executive-level reporting

• Bachelor’s degree in Information Security, Computer Science, Cybersecurity, or related field (or equivalent professional experience)

WHAT WILL SET YOU APART

• Experience in a startup, scaling SaaS company, or similarly dynamic environment.

• Relevant certifications (e.g., CISSP, CISM, CRISC, CISA)

• Master’s degree in a related field

OUR CULTURE

We are a lean, fast-moving team that values bold thinking, reliability, and continuous learning. We operate with radical transparency, embrace scrappiness, and build solutions that anticipate customer needs. We also believe work should be fun and fulfilling — what we call “funfillment.”

The right candidate is energized by working in a scaling, mission-driven company where they can shape processes, wear multiple hats, and grow alongside the business.

BENEFITS/PERKS

• Competitive compensation packages that recognize your expertise and contributions

• Remote-first culture that provides flexibility and balance

• Professional development opportunities, including training, mentorship, and career pathing

• Comprehensive health, dental, and vision insurance starting day one

• Short- and long-term disability and basic life insurance at no cost to you

• 401(k) plan with a 4% match to help secure your future

• Flexible PTO and a supportive work culture that values balance

• Mission-driven work with the opportunity to make a significant impact in the energy sector

ELIGIBILITY REQUIREMENT

This position may involve access to data and systems subject to U.S. critical infrastructure protection regulations. Accordingly, this role is restricted to individuals who qualify as “U.S. persons,” defined by federal law as U.S. citizens, lawful permanent residents (green card holders), asylees, or refugees.

OUR COMMITMENT TO APPLICANTS

GridUnity is an equal opportunity employer. We consider all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity or expression, national origin, age, disability, veteran status, arrest and conviction record, or any other characteristic protected under applicable law.

We are committed to creating an inclusive workplace where every team member feels valued, supported, and able to bring their authentic self to work.

If you need a reasonable accommodation during the application or interview process, please email careers@gridunity.com.

For your security, all official communication from GridUnity will only come from email addresses ending in @gridunity.com.