GRC Specialist

About The Position

Requirements

• You’ll ideally have 5+ years of progressive experience in the following:
• Building and scaling compliance programs across multiple frameworks and regulatory requirements, including SOC 2, ISO 27001, HIPAA, with extensive experience in FedRAMP, DoD, and public sector or highly regulated environments
• AI governance and frameworks such as ISO 42001
• Strong project management and cross-functional execution skills
• Technical fluency and comfort working with Engineering and Security teams
• Automation, workflow tooling, or process design; some hands-on experience with Python or similar scripting for lightweight automation is a plus
• Strong written communication, organization, and attention to detail.

Nice To Haves

• Experience designing and implementing mature risk management frameworks, including FAIR, quantitative risk methodologies, and other structured enterprise risk models
• Consulting experience in regulated environments, including multi-jurisdictional compliance programs and regulatory requirements across the U.S. and international markets
• Experience with additional frameworks such as NIST CSF, NIST RMF, NIST AI RMF, CMMC, or similar standards
• Experience working in cloud-native, SaaS, or highly technical product environments
• Experience preparing reports, metrics, and presentations for senior leadership, including communicating compliance posture, program progress, and risk insights to executive stakeholders.

Responsibilities

• Build, implement, and scale compliance programs, controls, and processes across frameworks and regulatory requirements including SOC 2, ISO 27001, HIPAA, ISO 42001, Product Compliance, and FedRAMP/DoD (+others)
• Support and mature compliance efforts related AI governance including work aligned to ISO 42001 and the EU AI Act
• Drive compliance readiness for FedRAMP, DoD, and related public sector requirements, while supporting broader enterprise and customer-facing compliance obligations
• Partner with Security, Engineering, Modeling, Product, Legal, and other cross-functional teams to translate requirements into practical, scalable controls
• Improve compliance operations through automation, tooling, and scalable workflows
• Help build scripts or lightweight tools for evidence collection, reporting, control tracking, and audit readiness
• Manage cross-functional projects, timelines, remediation efforts, and audit preparation
• Support audits, assessments, and customer or regulatory compliance requests.

Benefits

• An open and inclusive culture and work environment
• Work closely with a team on the cutting edge of AI research
• Weekly lunch stipend, in-office lunches & snacks
• Full health and dental benefits, including a separate budget to take care of your mental health
• 100% Parental Leave top-up for up to 6 months
• Personal enrichment benefits towards arts and culture, fitness and well-being, quality time, and workspace improvement
• Remote-flexible, offices in Toronto, New York, San Francisco, London and Paris, as well as a co-working stipend
• 6 weeks of vacation (30 working days!)