GRC Program Manager (AI)

TL;DR

GRC Program Manager (AI/Security): Managing hirify.global’s integrated governance program across security, privacy, and AI governance with an accent on framework design and tactical execution. Focus on executing security certifications like ISO 27001 and SOC2, and building AI-driven compliance workflows.

Location: Hybrid in Sydney, Australia

Company

hirify.global is a SaaS company focusing on workforce management and core operations security.

What you will do

• Design and monitor internal controls for ISO 42001 (AI), ISO 27001, and NIST frameworks.
• Coordinate all internal and external audits, including evidence collection, control testing, and remediation.
• Manage the daily operational GRC pipeline and third-party vendor risk assessments using AI automation.
• Collaborate with product and engineering teams at the initiation phase to translate business targets into GRC requirements.
• Author and maintain company policies for data protection, privacy-by-design, and ethical AI utilization.
• Perform cross-functional risk assessments and support sales by resolving compliance-related customer inquiries.

Requirements

• 5+ years of hands-on GRC experience in a fast-paced SaaS environment.
• Proven track record of executing audits and building compliance workflows from scratch.
• Strong working knowledge of ISO 27001, SOC2, PCI-DSS, and ISO 42001 (AI).
• Ability to operate as an individual contributor owning both high-level strategy and granular administration.
• Location: Must be based in Sydney.

Nice to have

• Advanced certifications such as CISSP, CIPP/E, CIPM, CISA, CISM, or CRISC.