Director of Governance, Risk and Compliance (GRC)

Job Description: • As the Director of GRC, you are a revenue enabler and a cornerstone of our enterprise growth strategy. • Transform compliance from a reactive exercise into a Continuous Assurance engine. • Build a gold-standard compliance program that meets the highest regulatory bars and drives customer trust. • Lead the end-to-end strategy for SOC 2 Type II and FedRAMP Moderate authorizations. • Architect the expansion of our compliance program into new frameworks. • Serve as the internal owner of our own platform implementation. • Own and mature the company-wide security awareness and role-based training program. • Establish and manage a process for responding to security questionnaires. • Direct the assessment of all current and prospective third-party providers. • Govern the annual penetration testing program and third-party security assessments. • Define and maintain the response playbooks used for security events. Requirements: • Certification: CISSP is strictly required. • Experience: 8+ years in GRC or Information Security leadership within a high-growth SaaS environment. • Framework Expertise: Direct experience achieving or maintaining a FedRAMP Moderate ATO; deep familiarity with NIST 800-53 controls is essential. • Incident Response: Proven ability to lead through security events and design robust response frameworks. • Technical Literacy: Ability to discuss cloud architecture (AWS/Azure), IAM roles, and containerization with senior engineering and DevOps leads. • Communication: High-level executive presence for board and customer reporting, paired with a "roll-up-your-sleeves" attitude required in a small, agile team. Benefits: • Annual compensation reviews + equity • Unlimited PTO: strongly encouraged to unplug and recharge • Health: coverage for medical, dental, and vision - employee and dependents • 401K, which vests immediately, complete with a 4% company match • 12 weeks of Parental leave and 1 year free diapers and wipes with Honest • Annual company in-person events and quarterly in-person connects • $500 home office stipend - at the time of hire. Any additional home office needs are requested as needed. • $100 quarterly paid wellness stipend • Pet insurance discount • Slack channel notifications turn off after 5 pm based on your time zone • Two Hypercharge weeks of rest where we close company-wide (July & Dec)