Related skills
risk management, policy drafting, ISO 27001, NIST 800-53, SOC 2
Description
- Build and mature Discord's GRC program with scalable processes.
- Develop and maintain security policies and standards for certs and engineering.
- Plan and lead audits/certifications (SOC 2, ISO 27001/27701/42001).
- Design and implement control frameworks with automated testing and evidence collection.
- Own Discord's security risk register and risk scoring framework.
- Conduct oversight activities (monitoring, testing, internal audits) and reporting.
- Partner cross-functionally to align security with broader company risk.
Requirements
- 8+ years in security compliance, GRC or related fields.
- Deep familiarity with SOC 2, ISO 27001, NIST 800-53 cert processes.
- Experience selecting/operationalizing GRC tooling.
- Strong policy drafting to translate requirements into standards.
- Understand engineering workflows; design integrated controls.
- Cross-functional, able to influence without authority.
- Bonus: AI safety frameworks or ISO 42001; FedRAMP; consumer tech background.
Benefits
- Hybrid work arrangement: SF office 2-3 days per week.
- Relocation assistance may be available.
Relocation support