Job Title
Sr. GRC Manager
Location
Remote
About the Opportunity
We are seeking a strategic GRC professional to take full ownership of the governance and compliance architecture for a high-growth SaaS organization. In this critical role, you will serve as the primary architect for SOC 2 readiness and vendor risk management, building a defensible security posture that earns trust from global financial institutions. If you enjoy optimizing audit-ready frameworks and leveraging modern automation to scale compliance operations, this is your next career move.
Responsibilities
- Strategic Governance: Establish and refine the overarching framework for corporate policies, risk registries, and control exceptions, providing regular visibility to executive leadership.
- Audit Management: Direct all phases of the SOC 2 lifecycle, from initial readiness assessments and evidence collection strategy to auditor liaison and final remediation efforts.
- Third-Party Risk Management: Supervise the end-to-end vendor risk program and lead security due diligence inquiries (DDQs/SIGs) to facilitate seamless customer onboarding.
- Compliance Infrastructure: Oversee the centralized repository for compliance documentation and manage the public-facing security trust portal to streamline transparency.
- Workflow Optimization: Integrate AI-driven tools into existing compliance processes to increase reporting velocity without sacrificing audit integrity or accuracy.
Requirements
- Professional Experience: At least 4 to 7 years of dedicated experience in GRC, IT audit, or security compliance, specifically within the SaaS or financial technology sectors.
- Technical Proficiency: Demonstrated history of leading SOC 2 audits from inception to completion within cloud-native environments.
- Framework Knowledge: Deep familiarity with industry-standard security frameworks, including NIST, ISO 27001, or CIS.
- Communication: Exceptional written and verbal skills, with the ability to translate complex compliance requirements for diverse internal and external stakeholders.
Preferred Qualifications
- Industry Credentials: Possession of relevant certifications such as CISA, CISM, CRISC, CISSP, or CCSK.
- Specialized Exposure: Previous experience managing security compliance for customers in highly regulated financial sectors.
- Tooling: Hands-on experience with automated compliance platforms and trust center management tools.
Compensation & Benefits
- Competitive Salary: [Include range if known - Note: California law requires salary transparency in job postings].
- Benefits: Comprehensive insurance, retirement plans, and modern work-life balance perks.


