Company hidden
2 days ago

GRC Director

$165,000 - $495,000
Work format: hybrid
Employment type: fulltime
Grade: director
English: b2
Country: US
Listing from Hirify Global, a list of international tech companies

Job description

TL;DR

GRC Director (Cybersecurity): Managing and improving compliance programs and information security risk for critical frameworks like ISO 27001, SOC2, and FedRAMP, with an emphasis on aligning controls with business processes and ensuring transparency. Focus on developing policies, managing risk quantification, and overseeing third-party assessments while promoting a culture of practical information security.

Location: Hybrid in Durham, NC, requiring onsite presence several days a week.

Salary: $165,000–$495,000 annually

Company

hirify.global delivers real-time cloud-based endpoint management and security, serving Fortune 100 organizations and branches of the U.S. Military.

What you will do

  • Proactively manage critical compliance frameworks including ISO 27001, SOC2, and FedRAMP.
  • Develop, enhance, and operationalize security, risk, and privacy policies and associated business processes.
  • Own and manage hirify.global’s risk quantification and management program.
  • Manage GRC’s role in responding to client audit and RFP/RFI requests.
  • Implement a vision for GRC tactics and methods that scale with business needs.
  • Manage, support, and inspire a team of GRC professionals.

Requirements

  • Bachelor's Degree in Computer Science, IT, or equivalent work experience.
  • 7+ years of experience in Information Security and/or Data Privacy Compliance positions.
  • Practical, hands-on expertise implementing and managing Federal compliance frameworks such as FedRAMP, CMMC.
  • Deep expertise in common compliance standards, e.g., ISO27001, SOC 2, NIST CSF.
  • Strong knowledge of the global data security regulatory environment and privacy regulations (CCPA, GDPR, HIPAA, PIPEDA, UK DPA).
  • Demonstrated ability to manage a team of highly motivated, independent analysts/SMEs.

Nice to have

  • Hands-on, practical knowledge of PCI DSS.
  • Experience with Objectives and Key Results (OKRs) and/or kanban principles.

Culture & Benefits

  • Comprehensive benefits package including medical, dental, vision, family planning, HSA, FSA.
  • 401(k) retirement savings plan with company match.
  • Equity awards, life, accident, and disability coverage.
  • Strong culture emphasizing collaboration, respect, and diversity.
  • 5 days of volunteer time off (VTO).
  • Named to Forbes Cloud 100 list and Fortune 100 Best Companies to Work For.

Be careful: if an employer asks you to log in to their system using iCloud/Google, send a code or password, or run code or software, do not do it; these are scammers. Be sure to click "Report" or contact support.

The job posting text is reproduced unchanged.