🛠 Tech Stack

💼 About This Role

You'll build and scale a strategic GRC function at Sigma, enabling business growth while managing risk. You'll partner with Legal, Engineering, and leadership to develop a comprehensive GRC framework and lead certification audits. This role offers a unique opportunity to create a world-class program from the ground up.

🎯 What You'll Do

• Design and implement governance frameworks and policies
• Conduct enterprise-wide risk assessments and maintain risk register
• Own audit and certification programs (SOC 2, ISO 27001, HIPAA)
• Support sales with compliance documentation and security inquiries

📋 Requirements

• 4+ years experience in GRC roles, preferably in SaaS
• Experience building or maturing a GRC program from scratch
• Track record of leading certification audits (SOC 2, ISO 27001, HIPAA)
• Knowledge of data privacy regulations (GDPR, CCPA)

✨ Nice to Have

• Experience with GRC platforms (ServiceNow GRC, Archer, LogicGate)
• Hands-on experience with cloud environments (GCP, AWS, Azure)
• Professional certifications (CRISC, CISA, CISM, CISSP, CIPP)

📨 Hiring Process

Estimated timeline: 3-5 weeks · AI estimate

1. 1Recruiter Screen· 30 min
2. 2Hiring Manager Interview· 60 min
3. 3Technical/Compliance Interview· 60 min
4. 4Leadership Interview· 45 min
5. 5Offer· N/A