Security GRC Manager: Customer Trust Enablement

Sierra
San Francisco, CA
Onsite

About The Position

Sierra is seeking a seasoned Customer Trust Enablement professional to join the Security Foundations and GRC team. This role requires 10+ years of experience and involves transforming Sierra's security and compliance posture into revenue-generating assets. The position focuses on building trust with customers' security teams and implementing automation to support enterprise growth. A key aspect of this role is gaining the trust of highly regulated customers in industries such as banking, financial services, healthcare, and insurance, who operate under frameworks like HIPAA, HITRUST, GLBA, and various state privacy regimes. The role also involves navigating international data protection and AI regulations (GDPR, EU AI Act, etc.) across North America, EMEA, and APAC. The ideal candidate will possess a deep understanding of industry and regional accountability, demonstrate empathy for customer obligations, lead customer security meetings and audits, and engage in technical discussions with risk and security teams. Automation and AI will be leveraged to manage diligence at scale. Internally, the role involves translating customer expectations and patterns from regulated buyers into actionable roadmaps for Product, Engineering, and Security. This is a high-leverage, cross-functional position requiring strategic thinking and hands-on execution.

Requirements

  • 10+ years of progressive experience in compliance, security, or customer trust, with 5+ years building or scaling customer-facing security programs from early stage through high growth, with seniority and judgment.
  • Proven track record managing enterprise security relationships at scale: you've personally led customer audits and security meetings, built trust with Fortune 500 CISOs, and know how to balance rigor with deal velocity.
  • Hands-on experience selling into or supporting highly regulated buyers (financial services, banks, healthcare, or insurance), and can navigate the depth of their security and regulatory diligence with credibility.
  • Understand the regulatory landscape across customer industries and geographies well enough to know what each is genuinely accountable for, and bring empathy to those obligations, balancing customer needs, deal velocity, and what Sierra can credibly commit to, and turning that judgment into clear internal priorities.
  • Experience supporting global customers and navigating international data protection and AI regimes (e.g., GDPR, UK GDPR, EU AI Act, cross-border transfer and data-residency requirements).
  • Strong technical acumen: you can explain complex security architectures, compliance frameworks (NIST 800-53, SOC 2, ISO 27001, PCI DSS, HIPAA), and multi-cloud implementations (AWS, GCP) in customer-friendly language.
  • Experience implementing trust automation platforms or building scaled questionnaire-management processes.
  • Can identify broken processes, design scalable solutions, and implement the right tools to maximize efficiency without sacrificing quality.
  • Comfortable presenting to C-level executives and translating technical security concepts for business audiences.
  • Proven track record of cross-functional influence without direct authority — you build partnerships that get things done.
  • Experience integrating security into go-to-market motions.

Nice To Haves

  • Worked in AI/ML or high-growth SaaS companies navigating rapid compliance expansion.
  • Customer Trust and Security experience supporting enterprise deals.
  • Familiarity with emerging AI standards (ISO 42001, NIST AI RMF).
  • Relevant certifications (CISA, CRISC, CISM, CISSP, ISO 27001 Lead Auditor).
  • Experience with AI safety or AI agent / model security considerations.

Responsibilities

  • Own the Customer Trust roadmap end-to-end, evolving priorities based on company growth, customer needs, and the competitive landscape.
  • Drive automation platform strategy: evaluate, implement, and scale AI questionnaire and trust platforms to dramatically improve response times and automation rates.
  • Build systematic customer intelligence loops that translate the regulatory drivers and recurring concerns across industries and regions (such as healthcare, insurance providers, financial services, and global markets) into prioritized inputs for the Product, Engineering, and Security GRC roadmaps.
  • Define metrics, SLAs, and escalation frameworks for the function, and report on cycle time, coverage, and deal impact to leadership.
  • Establish team operating rhythms, metrics reporting, and escalation frameworks.
  • Create GTM enablement programs that drive self-service adoption across teams.
  • Develop trust artifacts including security landing pages, whitepapers, industry-specific FAQs, data-flow and architecture overviews, and sales enablement materials.
  • Lead responses to enterprise security questionnaires and RFP security sections (SIG, CAIQ, custom frameworks), and serve as the named security point of contact in strategic sales cycles.
  • Lead live customer security meetings and customer audits with highly regulated customers: banks, financial institutions, and healthcare organizations navigating deep technical and regulatory diligence.
  • Support complex security contract reviews requiring security expertise, and escalate appropriately.
  • Identify broken or manual processes, design scalable solutions, and implement the right tools to maximize efficiency without sacrificing quality.
  • Apply automation and AI, including AI questionnaire and trust platforms, to absorb the volume and depth of regulated-customer diligence, turning days of manual review into minutes.
  • Build and maintain a security knowledge base and questionnaire-automation workflows so common questions are answered once and reused across the sales org.
  • Curate and update Sierra's Trust Center so customers can self-serve answers under NDA.

Benefits

  • Flexible (unlimited) paid time off
  • Medical, dental, and vision benefits for you and your family
  • Life insurance and disability benefits
  • Retirement plan dependent on country of employment
  • Parental leave
  • Fertility and family building benefits through Carrot
  • Lunch, as well as delicious snacks and coffee to keep you energized
  • Discretionary benefit stipend giving people the ability to spend where it matters most
  • Free alphorn lessons