GRC Lead (Governance, Risk, and Compliance)

📋 Description

• Team Leadership: anchor for the GRC team.
• Program Architecture: own the GRC technical vision toward Compliance-as-Code.
• Thought Leadership: promote security and privacy culture.
• Engineering collaboration: bake in compliance early in design.
• Legal and Privacy: interpret privacy rules GDPR/CCPA and AI regs.
• Risk Register: own the Cybersecurity Risk Register.

🎯 Requirements

• 8+ years in GRC or InfoSec.
• Leadership: mentor GRC pros or lead cross-functional projects.
• Technical fluency: engineering, cloud GCP/AWS, security architecture.
• Regulatory breadth: SOC 2, ISO 27001, PCI, HIPAA, privacy laws.
• Collaborative communication: explain risk to engineers, legal, sales.
• Automation mindset: experience with GRC tools Vanta Drata.

🎁 Benefits

• Competitive salary and equity.
• 401(k) with 4% match.
• Health, dental, vision, and life insurance.
• Short and long term disability.
• Paid parental, medical, and caregiver leave.
• Commuter benefits.