🛠 Tech Stack

💼 About This Role

You'll own and build the GRC function at a fast-growing AI company, ensuring audits run cleanly and customer trust scales. You'll turn compliance requirements into automated systems that enable the company to move fast without lowering security standards. This role offers the chance to define the GRC culture from the ground up.

🎯 What You'll Do

• Own SOC 1, SOC 2 Type II, ISO 27001, and ISO 42001 end-to-end
• Translate compliance requirements into practical operating processes across teams
• Build source of truth for controls, evidence, ownership, and audit readiness
• Automate evidence collection, access reviews, and risk tracking using AI
• Run third-party risk reviews and own customer security questionnaires

📋 Requirements

• End-to-end ownership of SOC 1, SOC 2, ISO 27001, or similar audit programs
• Hands-on experience running audits, not just managing from a distance
• Technical fluency to translate frameworks into operational controls for IT and engineering
• AI-first mindset: use AI to automate GRC workflows like evidence collection and reporting

✨ Nice to Have

• Experience with ISO 42001 or NIST AI RMF
• Experience with Drata or similar GRC automation tools
• Background in fast-growing SaaS, fintech, security, or AI company

🎁 Benefits & Perks

• 🏥 Premium Medical, Dental, and Vision coverage
• 🏖️ Unlimited PTO + 12 paid holidays
• 🍽️ Daily meal stipends and fully stocked kitchen
• 💻 $300 desk setup stipend
• 👶 Parental leave

📨 Hiring Process

Estimated timeline: 2-4 weeks · AI estimate

1. 1Recruiter Screen· 30 min
2. 2Hiring Manager Interview· 45 min
3. 3Technical/GRC Deep Dive· 60 min
4. 4Team Interview· 45 min
5. 5Reference Check· 15 min