Manager, Governance, Risk and Compliance
About The Position
At Path Robotics, we’re building the future of embodied intelligence. Our AI-driven systems enable robots to adapt, learn, and perform in the real world closing the skilled labor gap and transforming industries. We go beyond traditional methods, combining perception, reasoning, and control to deliver field-ready AI that is risk-aware, reliable, and continuously improving through real-world use. Big, hard problems are our everyday work, and our team of intelligent, humble, and driven people make the impossible possible together. We are seeking an experienced Cybersecurity Governance, Risk and Compliance (GRC) Manager to build and lead the enterprise GRC program. This role will assist in the build-out of the GRC program from early stages to completed services, supporting the ongoing governance standards, risk assessments and remediations, and certification and regulatory requirements needs. This role will help the business grow through new market opportunities.
Requirements
- Bachelor’s Degree in business, finance, information management, or other related field
- 3+ years of experience in leadership of IT Risk Management, IT Compliance, or Audit roles
- 3+ years of experience working with regulatory compliance requirements (e.g. CMMC, FISMA, GLBA, HIPAA, SOx, etc.)
- 5+ years experience assessing and meeting framework control requirements (NIST 800-53, NIST CSF, CIS, CSA, etc.)
Nice To Haves
- Professional certifications in two or more of the following: Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified in Governance Risk and Compliance (CGRC), Certified in Risk and Information Systems Control (CRISC), Governance, Risk and Compliance Professional (GRCP), ISO 27001 Lead Implementer or Lead Auditor
- Experience supporting cloud environments (e.g., AWS, Azure, GCP) in regulated or government-focused environments
- Proven track record of building Governance, Risk and/or Compliance programs from the ground up and scaling them to meet business growth and needs
Responsibilities
- Assist in the build-out and lead the Cybersecurity GRC program
- Lead with hands-on support of the day-to-day activities of the GRC program
- Provide project management across governance, risk and compliance disciplines
- Coordinate, oversee and manage the development, implementation and enforcement of policies, procedures and programs to minimize risk
- Develop and execute testing plans to ensure compliance of policies, procedures and associated controls to ensure regulatory compliance requirements are met
- Conduct ongoing internal risk assessments, managing risk register, and working with relevant teams to reduce or remediate identified risks
- Evaluate testing results, identify control gaps or weaknesses, track remediations to closure and conduct follow-up testing
- Assist in conducting third-party risk assessments of vendors
- Provide reporting of risk and compliance programs regularly to committee members and/or leadership
- Assist in implementing and managing certification programs, including: ISO 27001, NIST 800-171 / CMMC Level 2, FedRAMP (Moderate)
- Own and manage GRC tooling to document, track and report on risk and compliance status
- Provide guidance to internal teams on control improvement, compliance requirements and audit readiness
- Monitor for and communicate laws, rules regulations and framework changes to control owners to ensure timely update of control requirements
Benefits
- Daily free lunch
- Flexible PTO
- Comprehensive medical, dental, and vision coverage
- 6 weeks fully paid parental leave, plus an additional 6–8 weeks for birthing parents (12–14 weeks total)
- 401(k) retirement plan through Empower
- Generous employee referral bonuses
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Manager
