Technical Product Owner – Enterprise GRC Platforms

About The Position

Requirements

• Bachelor’s degree or equivalent practical experience
• 2+ years of experience in technical product ownership, business analysis, or GRC technology delivery
• 2+ years of hands‑on experience working with enterprise GRC platforms such as RSA Archer, Aravo, compliance, or audit management systems (or comparable enterprise risk/compliance tools)
• 2+ years of demonstrated ability to translate risk, compliance, or audit requirements into documented technical requirements, including user stories, functional requirements, and acceptance criteria
• 1+ years of experience working in Agile delivery environments (Scrum and/or Kanban)
• Intermediate level of proficiency with written and verbal communication skills, with experience engaging both technical and non‑technical stakeholders

Nice To Haves

• Experience supporting enterprise risk management, third‑party risk, audit management, or compliance programs
• Familiarity with risk and control frameworks such as NIST, ISO 27001, HITRUST, SOC, or similar
• Experience with workflow automation, evidence automation, and system‑to‑system integrations
• Prior experience partnering with external vendors to manage roadmaps and platform enhancements
• Experience working in highly regulated environments (e.g., healthcare, financial services)

Responsibilities

• Own and manage the product backlog for assigned GRC platforms, ensuring alignment with enterprise risk, compliance, audit, and regulatory priorities
• Translate business and risk requirements into epics, user stories, functional requirements, and acceptance criteria
• Partner with engineering teams to support sprint planning, backlog refinement, testing, and release execution
• Ensure production stability by managing defects, prioritizing fixes, and supporting platform enhancements
• Support core GRC capabilities across: Risk assessments, control mapping, issue management, and reporting (eGRC / Archer) Third‑party risk workflows and vendor lifecycle management (Aravo) Audit and compliance artifact intake and workflow orchestration (Compliance Hub)
• Ensure platform configurations align with enterprise risk frameworks (e.g., NIST, ISO, HITRUST) and audit requirements
• Support evidence automation, workflow standardization, and system integrations to improve efficiency and data quality
• Act as the primary product contact for Risk, Compliance, Audit, Technology, and Engineering stakeholders
• Partner with vendors to track roadmap items, manage enhancements, and resolve platform issues
• Communicate delivery status, risks, and dependencies to product, risk, and technology leadership
• Track and report on platform KPIs, including adoption, stability, backlog health, and delivery throughput
• Support audit readiness and regulator‑facing needs by ensuring accurate, reliable system outputs
• Identify opportunities to reduce manual effort, improve user experience, and standardize processes across GRC platforms.

Benefits

• comprehensive benefits package
• incentive and recognition programs
• equity stock purchase
• 401k contribution