Head of GRC

We are seeking a Head of Governance, Risk, and Compliance (GRC) to own our compliance program end-to-end. This role involves managing GRC operations and ensuring SOC 2 readiness, alongside aligning with GDPR and CCPA regulations. You will be responsible for customer trust and vendor risk management, while also building compliance awareness and leadership reporting.

Key Responsibilities

• Manage the compliance program from start to finish.
• Oversee GRC operations and ensure readiness for SOC 2 audits.
• Ensure alignment with GDPR and CCPA regulations.
• Build and maintain customer trust and manage vendor risk.
• Develop compliance awareness within the organization and prepare leadership reports.

Required Skills & Qualifications

• 8+ years of experience in GRC, compliance, or security.
• 3+ years in a leadership role.
• Extensive experience with SOC 2 Type II audits.
• Familiarity with GDPR, CCPA, NIST, and ISO 27001.
• Strong technical foundation in cloud infrastructure (AWS, GCP, Azure).
• Ability to write policy documents and review security questionnaires.
• Excellent communication skills to explain risks to non-technical stakeholders.
• Hands-on approach with a strategic mindset.
• Experience working with enterprise customers.
• Flexible availability for part-time work (~20 hrs/week); remote work possible for the right candidate.