Related skills
gdpr, iso 27001, fedramp, soc 2, hipaa
Description
- Own Everlaw's GRCT program including governance, risk, and trust.
- Lead FedRAMP, GovRAMP, and other regulatory authorizations.
- Maintain global certifications: SOC 2, ISO 27001/27017/27018, GDPR, HIPAA.
- Manage audit readiness, control ownership, and evidence management.
- Oversee third-party security risk and vendor risk lifecycle.
- Drive program operations, automation, and scalable controls.
Requirements
- 10+ years in information security, risk, or compliance.
- Senior ownership of FedRAMP Moderate/High programs from authorization through steady-state.
- Builder mindset; hands-on with GRC automation platforms.
- Strong risk judgment; translate requirements into practical controls.
- Partner with Engineering to embed security into DevOps/CI/CD workflows.
- Bachelor's degree plus CISM, CISSP, or CISA certifications.
Benefits
- Equity program
- 401(k) retirement plan with company matching
- Health, dental, and vision
- Flexible Spending Accounts for health and dependent care
- Paid parental leave and ~10 days sick leave
- Seventeen vacation days plus 11 federal holidays