
Senior Manager, Governance Risk and Compliance
Posted 1 day ago

This is a fully remote position, open to applicants in Arizona and 11 more states.
• Lead the comprehensive response strategy for annual client security evaluations; oversee the preparation and multi-day delivery of intricate technical evidence to advanced enterprise partners.
• Take ownership of the effective execution, upkeep, and scope verification of essential compliance frameworks, including PCI-DSS, ISO 27001, SOC2 Type II, and TISAX.
• Collaborate with the Legal and Strategic Procurement teams to draft, assess, and negotiate security clauses within client and vendor agreements, ensuring that promised commitments align seamlessly with technical capabilities.
• Create, implement, and uphold an extensive library of corporate security policies that meet global standards while remaining practical and efficient for a software-centric organization.
• Keep track of global regulatory landscapes (e.g., CCPA/CPRA, GDPR, and emerging automotive cybersecurity regulations); work alongside Privacy Owners to formulate foundational cyber strategies, documentation, and procedures.
• Lead the enhancement of the GRC infrastructure by optimizing the ROI of continuous monitoring platforms and deploying/tuning Generative AI tools to automate high-volume compliance workflows.
• Act as a vital member of the Cybersecurity leadership team, partnering with Product and Engineering leaders to ensure that security and legal requirements are inherently integrated into the product development lifecycle.
• Directly supervise, mentor, and assess the performance of GRC team professionals, ensuring resource allocation aligns with the organization’s audit pipeline and strategic timelines.
• A Bachelor's degree in Computer Science, Information Security, Information Technology, or a related technical discipline is mandatory.
• An active CISSP or CISM certification is essential.
• Over 8 years of progressive experience in Cybersecurity, GRC, or IT Audit is required.
• At least 2 years of direct people management or leadership experience is necessary.
• A proven history of managing complex frameworks (SOC2, PCI, ISO, TISAX), converting technical controls into contractual terms, and implementing automated GRC workflows.
• Privacy, cloud architecture, or specialized IT audit certifications are highly desirable.
• Comprehensive healthcare, dental, vision, disability, life insurance, and mental health benefits for employees and their families.
• 401(k) plan with company matching and tuition assistance to help you achieve your future aspirations.
• Flexible time off, paid sick leave, and ten paid holidays each year.
• Parental planning benefits to support employees through significant life events.
• Bonus/Incentive Programs.