🛠 Tech Stack

💼 About This Role

You'll own day-to-day execution of the GRC system of record in Jira, maintaining control records and coordinating audit evidence across HITRUST, ISO 27001, and SOC 2 frameworks. You'll run TPRM assessments end-to-end and build automation using AI tools like Claude and Zapier. This is a hands-on execution role in a fast-moving biotech environment.

🎯 What You'll Do

• Maintain GRC records and compliance status in Jira
• Run TPRM assessments from intake to approval
• Coordinate audit evidence collection across frameworks
• Build GRC automation using AI tools (Claude, Zapier)

📋 Requirements

• 3-6 years of hands-on GRC experience
• Direct experience using Jira as a compliance/GRC tool
• Working knowledge of at least two: HITRUST, ISO 27001, NIST 800-171, SOC 2, HIPAA
• Experience running vendor risk assessments end-to-end

✨ Nice to Have

• CISA, CRISC, CISM certification
• Familiarity with Drata or Vanta
• Experience supporting multi-entity compliance

🎁 Benefits & Perks

• 🏖️ Unlimited PTO
• 💵 Salary range $88k-$121k
• 🏥 Health insurance
• 📈 Equity grants
• 🧬 Work on cutting-edge biotech

📨 Hiring Process

Estimated timeline: 2-3 weeks · AI estimate

1. 1Recruiter Phone Screen· 30 min
2. 2Hiring Manager Interview· 45 min
3. 3Technical/Case Interview· 60 min