Senior GRC Lead

Responsibilities

• Manage and scale IT infrastructure, services and tooling
• Work with a diverse group of IT partners to optimize our provided services
• Implement new services in support of Information Technologies vision
• Scale our services by implementing configuration as code via Terraform providers or APIs
• Operationalize and upskill IT and its partners by producing documentation and leading training sessions
• Evangelize best practices both internally and externally facing

Requirements

• 5+ years of experience in GRC, IT Governance, or Security Engineering with a strong track record of automating manual compliance workflows
• Deep experience with security frameworks such as SOC 2, PCI DSS, ISO 27001, and NIST CSF, specifically within cloud-native environments
• Technical proficiency in Python (or similar scripting languages) and experience building integrations using APIs to connect security tools with GRC systems
• Builder mindset with the ability to design and implement automated control testing, continuous monitoring, and data-driven security metrics
• Exceptional cross-functional collaboration and communication skills
• Strong systems thinking for scalable GRC architectures
• Bias for action as a self-starter

Nice-to-haves

• Previous experience in Fintech or banking environments
• Hands-on experience with Tines or other SOAR platforms
• Familiarity with AI/ML governance frameworks (NIST AI RMF, ISO 42001) or securing agentic systems
• Deep knowledge of Cloud Security (AWS/GCP), infrastructure-as-code (Terraform), or DevSecOps practices
• Relevant industry certifications such as CISSP, CISA, or CCSP
• Experience building metrics dashboards for security visualization and reporting
• Active contributions to the GRC or Security community

Compensation

Expected salary range: $153,600 - $192,000 base pay, depending on location, skills, experience, market demands, and internal pay parity. Equity and other forms of compensation may be provided.