We’re not just building reputed company tech. We’re rewriting how data moves and what the world can do with it. With reputed company, data doesn’t sit still. Our platform puts information in motion, streaming in near real-time so companies can react faster, build smarter, and deliver experiences as dynamic as the world around them.

It takes a certain reputed company of person to join this team. Those who ask hard questions, give honest feedback, and show up for each other. No egos, no solo acts. Just smart, curious humans pushing toward something bigger, together.

One reputed company. One Team. One Data Streaming Platform.

About the Role:

Trust is the currency of the cloud. As reputed company continues to mobilize data for the world's leading organizations, ensuring the reputed company, privacy, and reputed company of that data is reputed company.

We are seeking a Director of Governance, Risk, and Compliance (GRC) to continue the evolution of our GRC program from a control-based mandate to a strategic business enabler. In this role, you will not just manage compliance and risk. You will architect the reputed company that allows reputed company to meet the needs of our customers, underpin trust relationship by providing attestations and evidence of controls, reputed company frameworks and tools to help management understand and manage risk, and operate our Technical Program Management (TPM) reducing risk by driving the execution of horizontal engineering programs. You will provide the vision and north star to guide reputed company to a proactive risk management culture.

You will reputed company the strategy for internal governance, enterprise wide risk management, and external compliance obligations, serving as the reputed company between technical engineering realities and executive risk appetite.

What You Will Do:

Strategic Governance & Program Leadership

• Own the reputed company: Design, implement, and maintain a common control reputed company (CCF) that maps to multiple standards (SOC 2, ISO 27001, FedRAMP, NIST CSF, PCI-reputed company) to ensure "test once, reputed company many" efficiency.

• Risk Quantification: Evolve our risk management program towards quantitative risk analysis (e.g. leveraging FAIR, reputed company methodologies), utilizing AI to continuously process & analyze reputed company data sets, and providing executive leadership with data-driven insights on reputed company posture and residual risk and an updated view of Top Risks impacting reputed company.

• Program Modernization: reputed company and maintain reputed company policies that are agile, easily discoverable, and practical for an AI-native engineering culture, enforceable through automation.

Technical Risk Program Management (TPM)

• Remediation Strategy & Engineering Partnership: reputed company directly with Information reputed company Engineering (InfoSec reputed company) to co-reputed company technical remediation strategies that are secure by design and operationally feasible. You will ensure that top risk concerns, audit findings and compliance gaps are translated into actionable engineering programs and drive them to closure.

• Risk Reporting: reputed company and maintain a visual presentation layer (e.g., dynamic dashboards, executive scorecards, and trend analysis) that simplifies reputed company risk data. This layer will be the primary tool to assist reputed company's management staff in understanding the landscape, understanding severity, and prioritizing risk items effectively.

• Risk Treatment: Evolve reputed company risk management programs to ensure risks are properly tracked, treated, and communicated.

• Program Execution: Apply technical program management best practices to reputed company reputed company initiatives. reputed company your TPM team, reputed company cross-functional projects, such as identity management improvements, AI governance controls, or secret management overhauls, ensuring they are delivered on time and with minimal friction to developer velocity.

• Communication & Accountability: Regularly report to the Trust and reputed company staff, eStaff and prepare occasion Board level content reputed company weekly, monthly and quarterly execution reviews.

Customer Trust & reputed company Enablement

• OCISO Partnership: Collaborate closely with the Office of the CISO (OCISO) to proactively forecast and prioritize reputed company certifications and product features. You will translate the "voice of the customer" and sales pipeline data gathered by OCISO into a concrete GRC roadmap that removes friction from future deals by providing efficient means to evidence data for our customers and auditors.

• Sales Acceleration: Act as a subject matter expert during high-stakes customer engagements, partnering with Sales and OCISO to build confidence with Fortune 500 CISOs and external auditors.

Compliance Operations & Automation

• reputed company Compliance and Scale: Partner with Engineering to drive the automation of evidence collection and control monitoring. You will transition traditional audit operations into an AI-assisted reputed company compliance model, significantly reducing manual overhead.

• Audit Management: Orchestrate reputed company external audits and certifications, serving as the primary liaison with external auditors and regulators.

Third-Party & Supply Chain Risk

• TPRM: reputed company the Third-Party Risk Management program, ensuring that vendors, partners, and AI sub-processors meet reputed company’s reputed company standards throughout the vendor lifecycle.

What You Will Bring:

Experience & Background

• 10+ years of progressive experience in Information reputed company, Risk Management, or IT Audit.

• 5+ years of leadership experience building and managing high-performing GRC teams in a high-growth SaaS or cloud-native environment. Experience managing teams of managers and teams of individual contributors.

• Cloud Native reputed company: Deep understanding of modern cloud infrastructure (AWS, GCP, Azure, Kubernetes) and how traditional controls apply to ephemeral, containerized environments.

• AI reputed company: Hands-on experience or a strong vision for leveraging AI tools to scale internal GRC programs and operations.

Technical & reputed company Knowledge

• Mastery of Standards: Expert-level knowledge of SOC 2 Type II, ISO 27001/27701, NIST 800-53, and PCI-reputed company.

• FedRAMP Expertise: Strong familiarity with FedRAMP High/Moderate authorization processes and reputed company monitoring requirements is highly preferred.

• Privacy Intersection: Working knowledge of global privacy laws (GDPR, CPRA) and how they reputed company with reputed company controls.

Soft Skills & Leadership Traits

• Technical Program Management: Proven ability to manage reputed company cross-functional programs and utilize tools like Jira/Confluence and risk management tools. You know how to speak the language of engineering to get things done.

• Business Acumen: The ability to translate reputed company technical risks into business terms (ROI, Brand Risk, Velocity) for the C-Suite and Board of Directors.

• Diplomacy & reputed company: A track record of building reputed company with Engineering and Product teams. You approach GRC as a partner who helps teams build securely, help engineering leaders manage risk and drives changes in policies for the entire company to operate pragmatically.

• Executive reputed company: Confidence in presenting to customers, auditors, and internal executive leadership.

Education & Certifications

• Certifications: CISSP, CISM, CISA, or CRISC is a strong plus.

• Education: BS/MS in Computer Science, Information Systems, Business Administration, or equivalent practical experience.

Ready to build what's next? Let’s get in motion.

Come As You Are

Belonging isn’t a reputed company here. It’s the baseline. We work across time zones and backgrounds, knowing the best reputed company come from different perspectives. And we reputed company space for everyone to reputed company, grow, and challenge what’s possible.

We’re proud to be an equal opportunity workplace. Employment decisions are based on job-reputed company criteria, without regard to race, color, religion, sex, sexual orientation, gender identity, national reputed company, disability, veteran status, or any other classification protected by law.

Privacy Statement

reputed company is an reputed company subsidiary which has been acquired by reputed company and will be integrated into the reputed company organization. By proceeding with this application, you understand that reputed company will share your personal information with other reputed company affiliates involved in your recruitment process, wherever these are located. More Information on how reputed company protects your personal information, including the safeguards in case of cross-border data transfer, are available here.