GRC Lead

WorkOS, San Francisco, CA
Remote

About The Position

WorkOS is seeking a GRC Lead to build and own its Governance, Risk, and Compliance program. The company has foundational compliance in place (SOC 2, HIPAA, GDPR, PCI-DSS SAQ D) and is looking for a leader to enhance its compliance function, build on customer trust, and drive towards new certifications. This role involves setting strategy, shaping the roadmap, and building systems and culture for compliance. The position is remote and open to candidates in Canada or the United States.

Requirements

  • 5+ years in a GRC or compliance role with demonstrated ownership of cross-functional compliance projects at a cloud-native company.
  • Hands-on experience implementing or auditing SOC 2 plus at least one other major framework (ISO 27001, PCI DSS, NIST 800-53).
  • Experience building or significantly maturing a GRC function at a high-growth company.
  • Experience with GRC automation platforms (Vanta, Drata, or similar), including migrating into, configuring, and building within them.
  • Strong written and verbal communication skills, particularly customer-facing advisory.
  • Ability to explain controls, handle objections, and manage audit and enterprise-deal conversations.

Nice To Haves

  • Privacy regulations (GDPR, CCPA, HIPAA) and PII classification.
  • FedRAMP experience as an implementer or auditor.
  • Proficiency in a programming or scripting language (Python, TypeScript, Go, or similar).
  • Experience with GRC-as-code / compliance-as-code practices.
  • Familiarity with authentication and identity (SAML, OIDC, SCIM).

Responsibilities

  • Own the compliance function, including frameworks, policies, controls, and audits.
  • Integrate compliance into the software development and shipping process.
  • Build a GRC culture through security awareness, internal education, and cross-functional collaboration.
  • Lead readiness and ongoing compliance for future frameworks like ISO 27001, EU-US DPF, and FedRAMP.
  • Partner directly with customers to represent the compliance program, support audits, and enable sales.
  • Own risk management across WorkOS, including running risk and third-party risk programs.
  • Identify emerging risks, drive remediation, and report to leadership.
  • Scale the compliance function through automation, designing processes, tooling, and AI-assisted workflows.

Benefits

  • Competitive pay
  • Substantial equity grants
  • Healthcare insurance (Medical, Dental and Vision) for you and your family
  • 401k matching
  • Wellness and fitness monthly allowances
  • PTO + paid holidays + unlimited sick leave
  • Autonomy and flexibility with remote work
© 2026 Teal Labs, Inc