Director, Governance, Risk and Compliance (GRC)

📋 Description

• Own the GRC framework mapping to SOC 2, ISO 27001, FedRAMP, NIST CSF
• Quantify risk using FAIR/OCTAVE with AI-driven insights
• Modernize security policies for AI-native engineering; automate
• Lead TPM; translate audit findings into engineering programs
• Build dashboards and reports for executive risk visibility
• Collaborate with OCISO and external auditors to enable deals

🎯 Requirements

• 10+ years in Information Security, Risk Management, or IT Audit
• 5+ years leading GRC teams in SaaS/cloud-native environments
• Cloud native fluency: AWS, GCP, Azure, Kubernetes
• AI fluency to scale internal GRC programs
• Mastery of SOC 2 Type II, ISO 27001/27701, NIST 800-53, PCI-DSS
• FedRAMP familiarity; GDPR/CPRA privacy knowledge
• TPM, Jira/Confluence; strong cross-functional leadership
• BS/MS in CS/IS/Business; CISSP/CISM/CISA/CRISC is a strong plus

🎁 Benefits

• Belonging across time zones; equal opportunity workplace
• Remote-friendly with flexible collaboration