Fractional Compliance & GRC Officer

About Pact Fi

Private asset markets (PE, Private Credit, VC, Real Estate) have 10x to 9.8T in AUM over the past decade and are projected to grow to $17T in the next five years. However, digital infrastructure has not kept pace, with most of the market operating predominantly in error‑prone, internal‑only software solutions.

Pact Fi provides secure, end‑to‑end, operational infrastructure for managing complex private credit transactions. Our web‑based application brings together all parties involved in such a transaction to more efficiently allocate capital, complete KYC, share documents, manage funds flow, and more. The platform is secured to a bank‑grade standard, and we have received our SOC 2 Type 2 attestation.

Pact Fi was developed in close partnership with two of the industry's largest players, both of whom represent the top 3 players in the private credit space by both size (AUM) and deal activity.

We are a growing capital markets fintech company seeking a Fractional Head of Compliance & GRC to oversee and administer our governance, risk, and compliance (GRC) program. Our platform provides software infrastructure used by financial institutions and capital markets participants. While we are not a regulated financial services provider, our customers operate in highly regulated environments, making strong security, risk management, and compliance practices critical.

The company currently maintains SOC 2 and ISO 27001 compliance and continues to expand its enterprise customer base and product footprint. This role combines strategic oversight with hands‑on administration of the company’s compliance processes, ensuring the organization remains audit‑ready and responsive to enterprise customer requirements.

The role works closely with the CEO, CTO, and Lead Dev Sec Ops  engineer, who own implementation of technical security controls. Engagement:
Approximately 10–30 hours per month, with workload fluctuating around audits and enterprise diligence requests. Reporting to: CEO / CTO.

• Administer and maintain the company’s compliance policies, procedures, and control documentation
• Ensure company processes remain aligned with SOC 2 and ISO 27001 frameworks
• Maintain documentation supporting compliance audits and enterprise diligence requests

• Coordinate the company’s SOC 2 and ISO 27001 audit processes
• Work closely with the CTO and Lead Dev Sec Ops  engineer to ensure technical controls and evidence are available for audits
• Act as the primary point of contact with external auditors, coordinating walkthroughs, evidence submission, and remediation tracking

• Lead responses to enterprise security questionnaires and compliance diligence requests
• Support customer security reviews and vendor risk assessments
• Maintain documentation commonly requested by enterprise customers

• Maintain the company risk register and risk tracking processes
• Support processes for incident reporting, escalation, and remediation tracking
• Ensure compliance processes evolve as the company grows

• Maintain documentation and review processes for vendor and third‑party risk
• Support vendor diligence required for audits and enterprise customers

• 8–12+ years of experience in compliance, risk management, or GRC
• Experience managing SOC 2, ISO 27001, or similar security/compliance frameworks
• Experience supporting enterprise customer security and compliance reviews
• Experience working with fintech, capital markets technology, or enterprise SaaS companies

You are a hands‑on compliance operator who can run the practical processes required to maintain strong compliance and risk governance at a growing technology company. You are comfortable working cross‑functionally with leadership, engineering, and customers to ensure the company remains audit‑ready and responsive to enterprise diligence requirements.

What We Offer

• Competitive salary + equity.
• Healthcare coverage.
• 401k