Plus
Включить Plus
Назад
Company hidden
20 часов назад

Security GRC Manager (SaaS)

182 000 - 295 000$
Формат работы
remote (только USA)/hybrid/onsite
Тип работы
fulltime
Грейд
senior
Английский
b2
Страна
US
Вакансия из списка Hirify.GlobalВакансия из Hirify Global, списка международных tech-компаний
Для мэтча и отклика нужен Plus

Мэтч & Сопровод

Для мэтча с этой вакансией нужен Plus

Описание вакансии

Текст:
/

TL;DR

Security GRC Manager (SaaS): Building and scaling security and privacy compliance programs from the ground up with an accent on regulatory frameworks including SOC 2, ISO 27001, and GDPR. Focus on automating evidence collection, managing risk lifecycles, and enhancing customer trust through scalable GRC processes.

Location: SF, NYC, or Remote (US)

Salary: $182,000 - $295,000

Company

hirify.global is a data and analytics platform that empowers users to explore data using natural language and code.

What you will do

  • Own and mature compliance programs across SOC 2, ISO 27001, ISO 27701, HIPAA, GDPR, CCPA, and PCI DSS.
  • Manage the full risk management lifecycle, identifying and driving mitigation of security and regulatory risks.
  • Lead customer security questionnaires, risk assessments, and manage the Trust Center portal.
  • Lead internal and external audits and establish automated, repeatable evidence collection processes.
  • Develop and oversee the third-party risk management program, including vendor assessments.
  • Evaluate and implement GRC automation tools and embed compliance into CI/CD and cloud security controls.

Requirements

  • 5-8+ years of experience in GRC, compliance, security engineering, or audit.
  • Deep familiarity with SOC 2, ISO 27001, PCI DSS, HIPAA, and GDPR frameworks.
  • Technical literacy in cloud-native environments, specifically AWS and SaaS architectures.
  • Proven experience building or maturing GRC programs at high-growth companies.
  • Must be based in the US (San Francisco, New York City, or Remote).

Nice to have

  • Certifications such as CISA, CISM, CISSP, or CRISC.
  • Experience with GRC automation platforms like Vanta, Drata, Tugboat, or SecureFrame.
  • Familiarity with AI/ML compliance contexts and data protection operations.

Culture & Benefits

  • Opportunity to build a foundational function from scratch with high visibility and impact.
  • Competitive total rewards package including market-benched salary and equity.
  • Comprehensive health benefits and flexible paid time off.
  • High-agency environment collaborating with world-class engineers and operators.

Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →