GRC Lead

Nooks
87d

About The Position

We are seeking a skilled Governance, Risk, and Compliance (GRC) Lead with a minimum of 5 years of experience in GRC, information security, risk management, or compliance to join our team. In this role, you will help ensure that our organization maintains compliance with regulatory frameworks and manages enterprise risks effectively. You will work cross-functionally with Legal, Security, GTM, and Operations teams to strengthen our governance posture and mitigate risk across the business.

Requirements

  • Bachelor’s degree in Information Security, Risk Management, Business, or a related field (or equivalent experience).
  • Minimum of 5 years of experience in GRC, information security, risk management, or compliance roles.
  • Familiarity with industry frameworks and standards such as ISO 27001, SOC 2, GDPR, CCPA.
  • Hands-on experience supporting audits and certifications against frameworks such as ISO 27001, SOC 2, GDPR, CCPA.
  • Familiarity with compliance automation and customer trust platforms (e.g., Drata, Vanta, Safebase) and/or enterprise GRC platforms.
  • Strong analytical, organizational, and problem-solving skills.
  • Excellent written and verbal communication abilities for policy documentation and audit interactions.

Nice To Haves

  • Professional certifications such as CISA, CRISC, ISO 27001 Lead Implementer, or similar.
  • Strong understanding of global privacy regulations (CCPA, GDPR).
  • Experience supporting compliance reviews or audits of AI-enabled products, including data governance, bias/risk assessments, or model transparency requirements.
  • Familiarity with AI governance frameworks (e.g., EU AI Act, NIST AI Risk Management Framework, ISO/IEC 42001) and experience assessing risks related to AI/ML systems.

Responsibilities

  • Maintain and update information security, privacy, and compliance policies.
  • Assist with policy governance and internal control documentation.
  • Administer and improve customer-facing GRC tools.
  • Lead and execute risk assessments, control testing, and remediation tracking across security, privacy, and operational domains.
  • Manage adherence to regulatory standards such as ISO 27001, SOC 2, GDPR, CCPA, and other emerging frameworks.
  • Oversee internal and external audits, evidence collection, and gap remediation.
  • Lead and improve the process for responding to customer security questionnaires and RFPs, ensuring accuracy and consistency.
  • Develop standardized templates, maintain an updated knowledge base, and streamline workflows for faster, consistent responses.
  • Conduct and oversee vendor and partner risk assessments, monitor subprocessor obligations, and maintain third-party risk dashboards.
  • Develop and present dashboards and executive reports on enterprise risk, compliance health, and audit readiness.
  • Assist with the design, rollout, and tracking of security awareness and compliance training initiatives.

Benefits

  • Competitive salary and benefits package.
  • Opportunity to work with cutting-edge technologies in a fast-growing organization.
  • A collaborative and security-first culture.

What This Job Offers

Job Type

Full-time

Career Level

Mid Level

Education Level

Bachelor's degree

Number of Employees

51-100 employees

© 2024 Teal Labs, Inc