Company hidden
2 days ago

Senior Security GRC Lead (SaaS)

121 000 - 185 000$
Work format: hybrid
Employment type: fulltime
Grade: senior
English: c1
Country: US
Vacancy from Hirify Global, a list of international tech companies

Job description

TL;DR

Senior Security GRC Lead (SaaS): Designing and implementing the foundational GRC program, including the first Common Controls Framework and risk register, with an emphasis on control rationalization and policy lifecycle management. Focus on building a GRC tooling ecosystem and embedding security controls directly into the product architecture.

Location: Must be based in Austin, Chicago, New York City, Salt Lake City, or San Francisco

Salary: $121,000 - $185,000 USD

Company

AI-powered revenue intelligence platform that unifies data, insights, and workflows to help revenue teams win.

What you will do

  • Design and implement the Common Controls Framework, mapping requirements across SOC 2, ISO 27001, HIPAA, and PCI.
  • Build the product and enterprise risk register from the ground up, defining taxonomy, scoring, and appetite thresholds.
  • Implement a GRC platform and build executive-level dashboards to track vulnerabilities and remediation.
  • Own the complete lifecycle of the information security policy suite and establish a formal exceptions management program.
  • Partner with Engineering and Product Security to embed controls at the architecture level.
  • Serve as the subject-matter expert on control mapping during external audits, RFPs, and enterprise sales engagements.

Requirements

  • 7+ years of progressive experience in GRC or Information Security, specifically building or scaling programs.
  • Deep expertise in SOC 2 Type II, ISO 27001, NIST CSF, and at least one regulatory framework (GDPR, CCPA, or HIPAA).
  • Hands-on experience creating and implementing GRC Record of Truth/Tooling.
  • Strong ability to translate complex regulatory language into clear, actionable policy documentation.
  • Proven experience managing and communicating with senior executive stakeholders.
  • Must be located in one of the specified US hub cities.

Nice to have

  • Relevant certifications: CISSP, CISM, CRISC, CISA, or CCSP.
  • Experience working within a high-growth SaaS or technology company.

Culture & Benefits

  • Comprehensive medical, dental, and vision plans.
  • 401(k) program and a flexible Wellbeing Fund stipend.
  • Mental health benefits including covered therapy and coaching.
  • Flexible vacation time and quarterly company-wide recharge days.
  • Education and learning stipend for personal growth.
  • Work-from-home stipend to support a remote-friendly environment.

Be careful: if an employer asks you to log in to their system using iCloud/Google, send a code or password, or run code or software, do not do it; these are scammers. Be sure to click "Report" or write to support. See the guide for details.