We are looking for a GRC professional who is equal parts auditor and builder. Rokt's information security management system is ISO 27001 and SOC 2 certified, and protects personal customer data entrusted to us by leading global e-commerce brands with a combined 100 million transactions each month. As we scale, we are reimagining GRC as an AI-first function — one where agents and automation do the heavy lifting on evidence collection, control monitoring, questionnaire response, and audit preparation, freeing humans to focus on judgment, strategy, and stakeholder partnership.

You will own the audit, assurance, and compliance pillar of our GRC program, and you will lead the design and engineering of the agentic systems that run it. This is not a "use ChatGPT to summarise a policy" role. You will architect and ship agents on our internal Security Agent Suite, build internal GRC tools using AI coding agents like Claude Code and Cursor, and treat automation as a first-class deliverable alongside the audits you lead.

You will work closely with engineering, product, legal, finance, people, and our external auditors to drive ISO 27001, SOC 1, and SOC 2 programs to clean outcomes — and to make sure that next year, the same outcomes are achieved with materially less manual effort. You move fast, you prefer significant leaps over small iterations, and you genuinely enjoy the intersection of compliance rigour and AI engineering.
Job Type: Full-time
Career Level: Senior
Education Level: No Education Listed