Senior Director, Global Head of GRC

Proofpoint, Sunnyvale, CA
Onsite

About The Position

The Senior Director, Global Head of GRC owns Proofpoint’s global trust strategy—defining how the company manages risk, achieves regulatory compliance, and enables secure growth across commercial, public sector, and defense markets. Reporting to the CISO, this role is accountable for building and scaling a modern, business-aligned GRC function that transforms compliance into a strategic advantage—accelerating market access, strengthening customer trust, and supporting Proofpoint’s expansion into highly regulated environments. As the global leader for GRC, you will drive enterprise-wide visibility into risk and compliance posture, aligning security, engineering, legal, and go-to-market teams around a unified framework that supports innovation in cloud, data security, and AI-driven products.

Requirements

  • Bachelor’s or Master’s degree in Cybersecurity, Risk Management, Business, or related field.
  • 12+ years in security, risk, or compliance, with 5–7+ years in senior leadership roles.
  • Proven experience leading global GRC functions in SaaS, cloud, or highly regulated environments.
  • Deep expertise across major frameworks (ISO, SOC, FedRAMP, PCI) and U.S. public sector / defense compliance (CMMC).
  • Demonstrated success using compliance programs to enable business growth and market expansion.
  • Strong background in enterprise risk management, control frameworks, and audit execution.
  • Relevant certifications (e.g., CISSP, CISM, CRISC, CISA) preferred.

Nice To Haves

  • Experience in cybersecurity or SaaS industry.
  • Executive presence with the ability to translate regulatory complexity into business strategy.
  • Strategic, risk-based mindset focused on enablement—not just control enforcement.
  • Proven ability to operate in complex, fast-scaling, and highly matrixed environments.
  • Track record of building and leading high-performing global teams.
  • Passion for strengthening customer trust while enabling innovation and growth.

Responsibilities

  • Define and execute Proofpoint’s global GRC and trust strategy, aligned with business growth, product innovation, and market expansion.
  • Serve as the global functional head of GRC, with end-to-end accountability for governance, risk management, compliance, and security assurance.
  • Position compliance as a business enabler, directly supporting revenue growth, customer acquisition, and entry into regulated markets.
  • Establish a unified control framework that scales across products, cloud platforms, and geographies while reducing audit friction and duplication.
  • Lead compliance strategy supporting expansion into U.S. public sector and defense markets, including FedRAMP (Moderate/High) and CMMC Level 2.
  • Enable international growth through alignment with regional frameworks (e.g., IRAP, ISMAP, ENS, BSI C5, TISAX, ACN).
  • Partner with go-to-market teams to leverage certifications and regulatory posture as a competitive differentiator in customer engagements.
  • Act as a strategic advisor on regulatory requirements impacting product strategy, cloud deployments, and data residency.
  • Own end-to-end delivery of global audits, certifications, and regulatory engagements.
  • Ensure successful execution and continuous maturity across key frameworks: ISO 27001 / ISO 42001, SOC 2 Type II, FedRAMP (Moderate/High), CMMC Level 2, PCI DSS, and regional frameworks (IRAP, ISMAP, ENS, BSI C5, TISAX, ACN, etc.).
  • Drive continuous compliance through automation, control optimization, and integration into engineering and operational workflows.
  • Embed compliance requirements into product and cloud architecture in partnership with Engineering and Product teams.
  • Own and mature enterprise risk management (ERM), including risk identification, quantification, prioritization, and executive reporting.
  • Establish governance structures that provide clear accountability and real-time visibility into enterprise risk posture.
  • Align risk appetite with business objectives in partnership with executive leadership.
  • Oversee third-party risk management and supply chain security programs.
  • Define KPIs and metrics to measure GRC program effectiveness, control maturity, and business impact.
  • Drive audit readiness, control effectiveness, and enterprise-wide remediation programs.
  • Enhance GRC tooling, automation, and data visibility to support scalable, efficient compliance operations.
  • Deliver clear, actionable reporting to executive leadership and the Board on risk and compliance posture.
  • Lead Proofpoint’s approach to AI governance (ISO 42001) and emerging regulatory requirements for AI and agentic systems.
  • Stay ahead of global regulatory trends, translating complexity into actionable strategies and competitive advantage.
  • Advance modern GRC practices, including continuous controls monitoring and integrated risk platforms.
  • Build, lead, and mentor a high-performing global GRC organization.
  • Serve as an executive-facing leader, engaging with senior leadership, customers, auditors, and regulators.
  • Represent Proofpoint’s trust, risk, and compliance posture in strategic customer and partner engagements.
  • Champion a culture of accountability, transparency, and business-aligned risk management across the company.

Benefits

  • Competitive compensation
  • Comprehensive benefits
  • Career success on your terms
  • Flexible work environment
  • Annual wellness and community outreach days
  • Always-on recognition for your contributions
  • Global collaboration and networking opportunities
  • Flexible time off
  • A comprehensive well-being program with two paid Wellbeing Days and two paid Volunteer Days per year
  • A three-week Work from Anywhere option