Head of Policy and Compliance Solutions
Finite State
Finite State partners with product security teams, the guardians of our connected world, to create transparency for their connected devices and supply chains. Our platform handles connected devices and embedded systems across all industries, including those found in enterprises, healthcare, utilities, connected vehicles, manufacturing facilities, critical infrastructure, and government entities.
We are a fast-growing series-B company with a fully distributed workforce. Led by a team of seasoned experts, we are a mission-driven team passionate about arming our customers with the actionable insights, critical vulnerability data, and remediation guidance necessary to mitigate product risk and protect the connected attack surface. We are committed to a remote first culture.
Role summary
Finite State is seeking a Head of Policy and Compliance Solutions to lead our strategic response to the evolving global cybersecurity regulatory landscape. This role is critical to helping our customers navigate complex compliance requirements while positioning Finite State as the definitive authority on connected product security regulations. You will serve as a strategic leader, blending deep regulatory expertise, executive-level consulting experience, and cross-functional collaboration skills to help customers achieve compliance confidence across their connected product portfolios.
As a key member of the leadership team, the Head of Policy and Compliance Solutions will ensure we deliver exceptional regulatory guidance and compliance solutions through a combination of policy expertise, executive-level communication, and scalable service delivery. This is a high-impact, hands-on role for a proven leader who thrives in a fast-paced, mission-driven startup environment and has a passion for shaping the future of connected product security.
Responsibilities:
Regulatory & Policy Leadership
- Serve as the senior authority on global cybersecurity regulations impacting connected products, with deep expertise in CE RED, EU CRA, Connected Vehicle Rule, Cyber Trust Mark, and emerging regulatory frameworks.
- Monitor, analyze, and interpret evolving cybersecurity policies, regulations, and legislation across multiple jurisdictions and industry verticals.
- Maintain fluency in regulatory trends affecting consumer and industrial connected products, energy sector, automotive, medical devices, and other critical infrastructure.
Customer & Executive Engagement
- Engage directly with CISOs, Chief Compliance Officers, VPs of Engineering, and other C-suite stakeholders to provide strategic regulatory guidance.
- Lead executive-level discussions on compliance strategy, risk assessment, and regulatory roadmaps for complex connected product portfolios.
- Act as trusted advisor for key accounts navigating regulatory challenges and compliance timelines.
Solution Development & Market Positioning
- Collaborate with Product and Engineering teams to ensure Finite State's platform addresses current and anticipated regulatory requirements.
- Translate regulatory mandates into actionable compliance solutions and service offerings.
- Position Finite State as the market leader in regulatory compliance for connected product security through thought leadership and industry engagement.
Cross-Functional Leadership
- Partner closely with Legal, Product, Sales, Marketing, and Operations teams to align regulatory insights with business strategy.
- Support complex sales cycles by providing regulatory expertise, compliance assessments, and competitive differentiation.
- Contribute to overall GTM strategy, including pipeline acceleration through regulatory value proposition.
Industry & Government Relations
- Interface directly with regulators, auditors, and government agencies to stay ahead of policy developments.
- Represent Finite State at industry conferences, regulatory workshops, and standards committees.
- Build and maintain relationships with key stakeholders in the regulatory ecosystem.
Program Expansion & Team Development
- Expand and enhance existing compliance programs to meet growing customer demand.
- Provide strategic direction to and collaborate with individual contributors across the organization.
- Develop scalable processes and frameworks for delivering regulatory guidance and compliance solutions.
What we’re looking for:
- 10+ years in cybersecurity policy, regulatory compliance, or related fields with a proven track record of senior-level impact.
- Deep expertise in connected product cybersecurity regulations, such as CE RED, EU CRA, Connected Vehicle Rule, Cyber Trust Mark, and related frameworks.
- Strong understanding of compliance requirements across multiple industry verticals including automotive, medical devices, energy, and consumer electronics.
- Government experience with regulatory agencies, policy development, or legislative processes.
- Consulting experience with executive-level client engagement and strategic advisory services.
- Technology sector experience with B2B SaaS platforms and connected product ecosystems.
- Executive-level presence and the ability to engage confidently with C-suite executives and regulatory officials.
- Strong business acumen and experience translating regulatory requirements into market opportunities.
- Excellent verbal and written communication skills with the ability to distill complex regulatory concepts for diverse audiences.
- Experience operating in early-stage or high-growth technology environments.
- Advanced degree in Law, Public Policy, Engineering, or related field preferred.
- Willingness to travel domestically and internationally for customer engagements and regulatory meetings.
About Us
Built on two decades of cybersecurity experience, our team of experts understands the hidden risks in today’s enterprise networks, where IoT vulnerabilities are quickly becoming the entry point of choice for cyber attacks.
We have a sense of duty to protect the critical infrastructure we rely on including medical devices, power grids and telecommunication networks. We were founded in 2017 in Columbus, Ohio.
Finite State has a transparent, collaborative and supportive culture - we are looking for people who have a growth mindset, are curious and innovative, and drive results. Our team is smart, but humble, hard working with lots of fun sprinkled in. Above all, our team is driven by our noble mission and we hold ourselves accountable to delivering to our customers every single day.
The Finite State platform brings visibility and control to the supply chains that create connected devices and embedded systems—all in a simple to use platform and at the scale manufacturers need to keep device production on time and on budget. After unpacking and analyzing every file, configuration, and setting in a firmware build, the platform generates a complete bill of materials for software components, identifies known and 0-day vulnerabilities, shows a contextual risk score, and provides actionable insights that product teams can use to secure their software
We are proud to be an Equal Employer Opportunity employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. Finite State is committed to working with and providing reasonable accommodations to applicants with physical and mental disabilities.