Senior Governance, Risk & Compliance Expert

About The Position

Requirements

• Experience: Approximately 8-10+ years of progressive experience in governance, risk, and compliance roles, preferably in a tech environment , with a strong track record in risk management, compliance oversight, and information security.
• Technical Skills: Proven expertise in administering and configuring GRC tools/platforms (e.g., Archer, Navex IRM, MetricStream, ServiceNow GRC) to support enterprise compliance and risk programs1. Solid understanding of IT systems and controls; able to assess and implement technical controls aligned with security frameworks.
• Framework Knowledge: In-depth knowledge of industry standards and cybersecurity frameworks such as NIST CSF , ISO 27001, SOC 2, and related regulations or best practices. Ability to translate framework requirements into internal controls and processes.
• Soft Skills: Excellent analytical and critical thinking abilities. Strong communication and interpersonal skills, with experience presenting risk and compliance updates to senior leadership in a clear and impactful way2. Proven ability to work both independently and collaboratively to solve complex, unstructured problems. Quick learner who adapts to new tools and evolving regulatory environments.
• Education: Bachelor’s degree in Computer Science, Information Security, Information Technology, or a related field. (Equivalent work experience or demonstrated competence is also acceptable.)

Nice To Haves

• experience with AI/ML technologies and the ability to develop AI-driven solutions

Responsibilities

• Risk Management & Compliance: Develop and maintain risk registers and ensure compliance with relevant cybersecurity frameworks (e.g., NIST CSF, ISO 27001)
• GRC Tool Implementation: Configure and manage GRC platforms (such as RSA Archer , Navex , MetricStream , or similar) to automate workflows and reporting. Ensure these tools are optimally used for tracking compliance activities, risk assessments, and audit findings.
• Process Flow Development: Design and document end-to-end GRC process flows and workflows, translating compliance requirements into actionable processes. Take a hands-on role in optimizing and re-engineering processes for efficiency and effectiveness, rather than only overseeing them.
• Cross-Functional Collaboration: Work closely with IT, Security, Legal, and business teams to integrate GRC practices into all operations.
• Reporting & Leadership Communication: Prepare comprehensive risk and compliance reports. Present findings, metrics, and recommendations to senior management and executive stakeholders, articulating complex issues in a clear, structured manner.
• Continuous Improvement & Innovation: Stay abreast of emerging technologies (including AI/ML) and best practices in GRC. Proactively recommend and implement enhancements to the GRC program, such as using AI-driven tools for threat detection or compliance automation, to improve effectiveness and efficiency.

Benefits

• Health insurance
• Dental insurance
• Vision insurance
• Long term/short term disability insurance
• Employee assistance program
• Flexible spending account
• Life insurance
• Generous time off policies, including; 4-12 weeks fully paid parental leave based on tenure
• 13 paid holidays
• 15 days paid time off ( US benefits overview )