16h ago

Security GRC Manager

SF, NYC, or Remote (USA)

✨ $145k-$195k / year est.

full-time · senior · Remote · software

💼 About This Role

You'll build and scale Hex's security and privacy compliance programs from the ground up as our inaugural GRC hire. You'll lead audits, manage risk, and drive customer trust through a world-class automation-first compliance function.

🎯 What You'll Do

  • Own SOC 2, ISO 27001, HIPAA, GDPR, and other compliance programs.
  • Lead risk assessments and manage the risk lifecycle.
  • Handle customer security questionnaires and trust center content.
  • Manage third-party risk and vendor assessments.

📋 Requirements

  • 5–8+ years in GRC, compliance, or audit.
  • Deep familiarity with SOC 2, ISO 27001, HIPAA, GDPR.
  • Experience running audit cycles and certification processes.
  • Technical literacy in AWS, SaaS architectures, and cloud security.

✨ Nice to Have

  • Certifications like CISA, CISM, CISSP.
  • Experience with GRC automation platforms (e.g., Vanta, Drata).
  • Familiarity with data protection operations or AI/ML compliance.

๐ŸŽ Benefits & Perks

  • ๐Ÿ–๏ธ Remote flexibility
  • ๐Ÿ’ฐ Competitive salary
  • ๐Ÿฅ Health coverage
  • ๐Ÿ“ˆ Equity
  • ๐Ÿง‘โ€๐Ÿ’ป Home office stipend

📨 Hiring Process

Estimated timeline: 2-4 weeks · AI estimate

  1. Recruiter screen · 30 min
  2. Hiring manager interview · 45 min
  3. Technical/behavioral interview · 60 min