Related skills
information security, nist, grc, pci dss, soc 2
Description
- Hire, mentor, and develop SMEs across frameworks, tests, and maintenance.
- Own end-to-end framework release process with Product and Engineering.
- Drive program mgmt for GRC content: launches, updates, escalations, requests.
- Build stable team with operating rhythms; delegate; monitor health.
- Align team roadmap to product strategy; adjust for regulatory shifts.
- Champion AI-assisted compliance and translate knowledge into machine-readable specs.
Requirements
- 7+ years GRC/InfoSec across SOC2, ISO 27001/27701, HIPAA, PCI DSS, NIST; cloud/SaaS.
- 2+ years managing technical or SME teams; talent development.
- Experience spanning Product, Engineering, GTM; content lifecycle.
- Strong program management; process definition; prioritization.
- Deep GRC craft: controls, risks, testing, evidence; POA&M.
- Product-minded; translate needs into product capabilities; data-driven.
- AI-augmented: fluency with AI tools; safe-use guidelines.
- Excellent written and verbal communication; cross-functional partner.
Benefits
- Industry-competitive salary and equity
- Comprehensive medical, dental, and vision; employee premiums covered
- 16 weeks parental leave
- Health & wellness stipend
- Remote workspace, internet, and cellphone stipend
- Matching 401(k) contribution with immediate vesting