Security GRC Senior Lead

Salesforce•San Francisco, CA

About The Position

The Security GRC Senior Lead will serve as a principal compliance strategist for our expanding global Contact Center as a Service (CCaaS) platform. This role requires a strategic thinker who can bridge the gap between traditional cloud security frameworks and complex, global telecommunications regulations. You will be responsible for translating emerging regulatory requirements into actionable compliance guardrails and overseeing our broader telecom reporting strategy.

Requirements

8+ years of experience in Security GRC, Legal, or Regulatory Affairs, preferably within the SaaS, CCaaS, or UCaaS space.
Strong working knowledge of international telecommunications regulations and compliance frameworks across North America, Europe, and other emerging global markets.
Experience managing or overseeing formal regulatory reporting and filing processes at an enterprise level.
Proven ability to translate complex legal/regulatory text into clear requirements for product and business teams.
Exceptional executive communication skills, capable of presenting risk scenarios and strategy to senior leadership.

Responsibilities

Regulatory Strategy: Lead the compliance strategy for our global CCaaS initiatives, translating guidance and requirements into high-level business and product strategy.
Regulatory Filings & Governance: Oversee the strategy and governance of mandatory quarterly, annual, and ad hoc regulatory filings to governing bodies (ex., FCC, CRTC), ensuring total accuracy and organizational alignment.
Continuous Regulatory Monitoring: Actively scan and monitor the global telecom and security landscape for new, pending, and evolving regulations, proactively assessing their impact on our product roadmap and global compliance posture.
Cross-Functional Alignment: Act as a key GRC liaison to Product Management and business leadership, ensuring "compliance by design" is embedded in the product lifecycle.
Vendor & Firm Management: Oversee and direct engagements with external advisory partners to drive global regulatory and compliance analyses.
Risk Management: Define and manage the shared responsibility model, clearly delineating telecom and compliance liabilities between our platform, underlying carrier partners, and our customers based on whether they utilize a reseller or BYOC architecture.