Security specialist, GRC

📋 Description

• Own and drive WRITER's security compliance program end-to-end
• Lead audits for SOC 2 Type II and ISO 27001/27701/42001
• Manage security questionnaires, DDQs, and RFPs from customers
• Build and maintain security policies, controls, and governance
• Monitor controls and maintain audit-ready documentation
• Drive risk assessments and vendor security reviews

🎯 Requirements

• 2+ years in GRC, security compliance, or audit in fast-paced tech
• Knowledge of SOC 2 Type II, ISO 27001, GDPR, CCPA; AI governance familiarity
• Strong technical literacy for cloud security, API security, access control
• Excellent project management to manage audits and remediation
• Outstanding communication to explain compliance to tech and non-tech
• Natural curiosity about AI governance and regulatory landscape

🎁 Benefits

• Generous PTO and company holidays
• Medical, dental, and vision coverage for you and family
• Paid parental leave for all parents (12 weeks)
• Fertility and family planning support
• Early-detection cancer testing via Galleri
• Flexible spending accounts and health savings accounts