Attio is on a mission to redefine CRM for the AI era.
We’re building the first AI-native CRM — designed for the most ambitious go-to-market teams. We recently announced our $52M Series B, led by GV (Google Ventures), with support from Redpoint, Balderton, Point Nine, and 01A. Our team thrives on solving complex technical challenges, delighting our users, and setting a new standard for the industry.
What you’ll do
Enable trust and security at scale: Be a key enabler of Attio’s security and compliance foundations as we continue to scale rapidly. You’ll ensure our governance, risk, and compliance posture evolves in step with the business — protecting customer trust while enabling speed and growth.
Enable security certifications and frameworks: Own and operate Attio’s security governance frameworks (e.g. ISO 27001, SOC 2), ensuring controls are well-designed, embedded, and effective as the company grows.
Lead audits with confidence and clarity: Plan, coordinate, and lead external audits end-to-end, working cross-functionally across Attio and acting as the primary point of contact for third-party assessors and auditors.
Enable certification readiness and renewal: Drive programmes to maintain existing certifications and achieve new ones as required by the business, ensuring Attio remains enterprise-ready and trusted by customers.
Monitor, manage, and remediate risk: Identify, track, and remediate non-compliances and security risks, using appropriate tooling and pragmatic processes that scale with the organisation.
Enable customer trust through transparency: Own and maintain Attio’s customer-facing Trust Centre, and coordinate timely, high-quality responses to customer and prospect security questionnaires and trust-related requests.
Partner with vendors to strengthen security: Select and manage external vendors for penetration testing and security assessments, and lead remediation programmes to address findings effectively.
Collaborate cross-functionally to enable growth: Work closely with Security, Engineering, Product, Legal, Sales, and Customer teams to ensure security and compliance efforts are aligned, pragmatic, and enabling rather than blocking.
What you’ll bring
Audit and certification experience: Proven experience leading certification and re-certification audits (e.g. ISO 27001, SOC 2), including preparation, execution, and remediation.
Strong security governance foundations: Hands-on experience designing, implementing, and operating security compliance programmes in line with recognised frameworks and standards.
Programme ownership mindset: A strong track record of managing complex, cross-functional programmes in fast-moving, high-growth environments.
Clear and credible communication: Able to explain security and compliance concepts clearly to technical and non-technical stakeholders, internally and externally.
Stakeholder-first approach: Comfortable partnering with teams across all levels of the organisation, balancing security requirements with business needs.
Comfort with ambiguity and change: Confident operating in evolving environments where processes and priorities are continuously maturing.
What we offer
Competitive salary of £105,000 to £125,000
Equity in an early-stage tech company on an incredible trajectory
25 days holiday plus local public holidays
Apple hardware
Private medical insurance through AXA
Pension contribution through Hargreaves Lansdown
Enhanced family leave
Team off-site in fun places! (We’ve been to Barcelona, Lisbon, Malta, and Split so far)
