Director Of Governance, Risk, & Compliance (Cybersecurity)

TL;DR

Director of Governance, Risk, & Compliance (Cybersecurity): Leading and advancing the enterprise GRC program with an accent on regulatory alignment, risk mitigation, and scalable security frameworks. Focus on driving compliance across SOC 2, ISO 27001, HIPAA, and GDPR while integrating responsible AI governance into product development.

Location: On-site in Boston, MA

Salary: $185,000–$205,000

Company

hirify.global is a wearable technology company dedicated to unlocking human performance and healthspan through personalized data insights.

What you will do

• Define and execute an enterprise-wide GRC strategy aligned with business objectives and regulatory landscapes.
• Lead and mentor a high-performing GRC team while fostering a culture of accountability.
• Oversee compliance frameworks including SOC 2, ISO 27001, HIPAA, and GDPR.
• Establish an enterprise risk management program, including risk identification and mitigation reporting to the board.
• Lead governance for responsible AI use in coordination with Product, Legal, and Engineering teams.
• Manage third-party risk and lead engagement with external auditors and regulators.

Requirements

• 10+ years of experience in GRC, information security, or compliance.
• At least 5 years in a leadership role.
• Proven track record of scaling GRC programs in high-growth technology or health-tech companies.
• Deep expertise in compliance frameworks (SOC 2, ISO 27001, HIPAA, GDPR, NIST CSF).
• Understanding of cloud security architectures, specifically AWS.
• Experience evaluating AI/ML risk and data governance in regulated environments.

Nice to have

• Relevant certifications such as CISSP, CISM, CRISC, or CISA.

Culture & Benefits

• Competitive base salary and meaningful equity packages.
• Opportunity to own part of the company and participate in its long-term growth.
• Mission-driven environment focused on health and human performance.
• Comprehensive health and wellness benefits.