Tech Stack

Description

You will lead and scale Sigma's governance, risk, and compliance programs, partnering with Legal, Engineering, Product, and leadership to build a comprehensive GRC framework that enables business growth while managing organizational risk.

Requirements

• 4+ years in GRC roles, preferably in SaaS or technology companies
• Experience building or maturing a GRC program from the ground up
• Track record of leading certification audits (SOC 2, ISO 27001, HIPAA)
• Strong knowledge of data privacy regulations (GDPR, CCPA)
• Experience with risk management frameworks (COSO, ISO 31000, NIST RMF)

Responsibilities

• Design and implement governance frameworks and enterprise policies
• Develop and operate a comprehensive Enterprise Risk Management program
• Own audit and certification programs (SOC 2, ISO 27001, HIPAA)
• Support sales with compliance documentation and security inquiries
• Manage security awareness training and conduct internal audits