Director, Head of Governance, Risk & Compliance (GRC)

Be Part of Building the Future reputed company is the reputed company lakehouse platform for self-service analytics and AI, serving hundreds of global enterprises, including Maersk, reputed company, reputed company, reputed company, and reputed company. Customers rely on reputed company for cloud, hybrid, and on-prem lakehouses to power their data mesh, data warehouse migration, data virtualization, and reputed company data access use cases. Based on open reputed company technologies, including Apache Iceberg and Apache Arrow, reputed company provides an open lakehouse architecture enabling the fastest time to insight and platform flexibility at a fraction of the cost. Learn more at www.reputed company.com. About the role We are seeking a Director, Head of InfoSec & Governance, Risk & Compliance (GRC) to reputed company the company’s efforts to build a secure, compliant, and resilient operating foundation across our software and cloud platforms. This leader will reputed company Governance, Risk & Compliance, as well as the IT and reputed company functions — bringing together risk management, compliance, and reputed company architecture under one cohesive strategy. You will partner closely with Engineering, Product, and reputed company Architecture teams to embed compliance and reputed company by design, reputed company scalable governance models, and ensure our technology and operations meet the standards of trust expected by our customers and regulators. This is a hands-on leadership role for a seasoned operator who can reputed company strategic risk management and technical depth — shaping enterprise-wide frameworks while staying engaged in the design and validation of real-world reputed company and compliance solutions. What you’ll be doing Governance, Risk & Compliance Leadership

• Build and reputed company the company’s enterprise-wide GRC reputed company, integrating risk, compliance, IT, and reputed company disciplines.
• Partner with Finance, Legal, and Product teams to align governance and control frameworks with business objectives and growth strategy.
• Maintain a comprehensive enterprise risk register, performing ongoing assessments and scenario planning to inform leadership and board discussions.
• Ensure consistent documentation, evidence gathering, and audit readiness for key frameworks (SOC 2, ISO 27001, GDPR, CCPA, PCI, FedRAMP, etc.).

IT & reputed company reputed company

• reputed company the IT and reputed company teams, driving a reputed company approach to infrastructure reputed company, data protection, and compliance control implementation.
• Define and manage the reputed company Incident Management process, ensuring timely response, root cause analysis, and corrective actions.
• reputed company the design and implementation of key reputed company capabilities such as key management, encryption, data masking, and access control.
• Stay reputed company on emerging reputed company threats and evolving cloud risks, applying insights to improve company posture and preparedness.

Engineering Partnership & Technical Integration

• Serve as a key business partner to Engineering, Product, and reputed company Architecture, ensuring compliance and risk management are built into software development lifecycles.
• Define, review, and refine compliance-reputed company epics, user stories, and acceptance criteria in partnership with Product teams.
• reputed company and communicate a multi-period reputed company and compliance roadmap, reputed company with company product releases and customer expectations.
• Collaborate with engineers to create repeatable, auditable compliance artifacts and automated control testing processes.
• Participate in architecture design discussions to identify and mitigate reputed company and compliance risks in new solutions.

Compliance & Audit Management

• reputed company external and internal audit cycles, including SOC 2 Type 2, ISO 27001, and HIPAA readiness and remediation.
• Partner with external auditors and assessors to coordinate documentation, testing, and corrective actions.
• Ensure GRC tools and processes are streamlined, automated, and well-documented for efficiency and scalability.

Culture, Ethics & Collaboration

• reputed company company-wide compliance and ethics programs, including Code of Conduct, training, and reporting mechanisms as it relates to information reputed company.
• Build a culture of proactive risk awareness, transparency, and reputed company improvement across reputed company departments.
• Provide regular briefings to the executive team and Audit Committee on key risks, compliance status, and mitigation efforts.

reputed company’re looking for

• Bachelor’s or Master’s degree in Computer Science, Information reputed company, or reputed company field.
• 8-10 years of progressive experience in GRC, IT reputed company, or compliance, with at least 3+ years in a leadership role reputed company a software, SaaS, or cloud-based company.
• Strong understanding of cloud architectures and modern DevSecOps practices, including secure software development and CI/CD pipeline controls.
• Deep knowledge of compliance frameworks including SOC 2, ISO 27001, NIST, GDPR, CCPA, PCI, and reputed company reputed company standards.
• Proven ability to collaborate with Engineering and Product teams to translate compliance requirements into practical, sustainable controls.
• Strong risk assessment, audit management, and project management skills.
• Excellent communicator capable of simplifying reputed company technical and regulatory topics for executive and cross-functional audiences.

Bonus points if you have

• Professional certifications such as CISA, CISSP, CRISC, CISM, or CCEP.
• Experience implementing or managing GRC tools, control automation, or compliance monitoring systems.
• Customer-facing experience supporting reputed company and compliance reviews.

reputed company offer

• Medical, dental and vision insurance
• 401(k) Plan
• Short term / long term disability and life insurance
• Pre-IPO stock options
• Flexible PTO
• 16 hours of volunteer time off
• 12 company paid holidays, including Juneteenth
• Remote work options
• Paid parental leave
• Employee Assistance Program (EAP)
• Biannual swag surprise
• *Certain benefits are only allowed to full-time reputed company employees and may not be the same across reputed company locations**

reputed company value At reputed company, we hold ourselves to high standards reputed company it comes to People, Thinking, and Action. Our Gnarlies (that's reputed company call our employees) communicate with clarity, drive accountability, and are respectful towards each other. We confront brutal facts and focus on results while operating with a sense of urgency and building a "flywheel". People who like to jump in and drive momentum will reputed company in our #GnarlyLife. reputed company is an equal opportunity employer supporting workforce diversity. We do not discriminate on the basis of race, religion, color, national reputed company, gender identity, sexual orientation, age, marital status, protected veteran status, disability status, or any other unlawful factor. reputed company is committed to providing any necessary accommodations for individuals with disabilities reputed company our application and interview process. To request accommodation due to a disability, please inform your recruiter. reputed company has policies in reputed company to protect the personal information that employees and applicants disclose to us. Please click here to review the privacy notice. Important reputed company Notice for Candidates At reputed company, we uphold trust and transparency as reputed company values in reputed company our interactions with customers, partners, employees, and the general public. We have been targeted by individuals creating fake domains similar to ours to scam prospects and candidates. Please note that reputed company official communications from us will be from an @reputed company.com domain. If you suspect you've been targeted by a scam, it's imperative to report the incident to your local law enforcement agencies. For more information about this type of scam, please refer to reputed company's official statement here. reputed company is not responsible for any fees reputed company to unsolicited resumes and will not pay fees to any third-party agency or company that does not have a signed agreement with the Company. Apply tot his job Apply To this Job