What are the responsibilities and job description for the Governance, Risk & Compliance (GRC) Lead position at Fireworks AI?
About Us
At Fireworks, we’re building the future of generative AI infrastructure. Our platform delivers the highest-quality models with the fastest and most scalable inference in the industry. We’ve been independently benchmarked as the leader in LLM inference speed and are driving cutting-edge innovation through projects like our own function calling and multimodal models. Fireworks is a Series C company valued at $4 billion and backed by top investors including Benchmark, Sequoia, Lightspeed, Index, and Evantic. We’re an ambitious, collaborative team of builders, founded by veterans of Meta PyTorch and Google Vertex AI.
The Role
Fireworks AI is seeking an experienced Governance, Risk & Compliance (GRC) Lead to build, scale, and mature our compliance and risk management program. In this role, you will partner closely with engineering, legal, security, and product teams to establish practical controls, manage risk, and support customer trust in our platform.
Key Responsibilities
At Fireworks, we’re building the future of generative AI infrastructure. Our platform delivers the highest-quality models with the fastest and most scalable inference in the industry. We’ve been independently benchmarked as the leader in LLM inference speed and are driving cutting-edge innovation through projects like our own function calling and multimodal models. Fireworks is a Series C company valued at $4 billion and backed by top investors including Benchmark, Sequoia, Lightspeed, Index, and Evantic. We’re an ambitious, collaborative team of builders, founded by veterans of Meta PyTorch and Google Vertex AI.
The Role
Fireworks AI is seeking an experienced Governance, Risk & Compliance (GRC) Lead to build, scale, and mature our compliance and risk management program. In this role, you will partner closely with engineering, legal, security, and product teams to establish practical controls, manage risk, and support customer trust in our platform.
Key Responsibilities
- Design and execute of our Governance, Risk, and Compliance (GRC) strategy, successfully implementing and maintaining key industry frameworks (e.g., SOC 2 Type II, ISO 27001/27701, PCI, HIPAA), ensuring all certification requirements are met.
- Oversee all continuous monitoring activities across the compliance program, including but not limited to formal access reviews, ongoing vendor due diligence, policy compliance reviews, and mandatory security training enforcement.
- Serve as the primary liaison for all external audit bodies, directing the end-to-end audit lifecycle, from scoping and evidence gathering to artifact review and timely remediation of findings.
- Establish and maintain a robust global privacy compliance program for all data processing activities, ensuring adherence to regulations like GDPR, CCPA, and CPRA.
- Design and implement scalable GRC processes, documentation, and tooling to support hyper-growth and the efficient adoption of new compliance frameworks (e.g., ISO 42001 for AI).
- Develop and lead the company-wide risk assessment program, identifying, evaluating, and prioritizing data security and compliance risks, and driving the implementation of effective mitigation strategies.
- Own the Third-Party Risk Management (TPRM) program, conducting due diligence, and contract review.
- Author, update, and enforce all policies, specifically integrating security, data privacy, and the emerging field of AI safety and ethics into the policy lifecycle.
- Follow and help shape the AI regulatory and standards landscape to keep the company at the forefront of industry developments and best practices
- 7 years of experience in Governance, Risk, and Compliance (GRC) roles, with at least 3 years in a leadership capacity overseeing audit and certification efforts.
- Leading GRC/Security in a high-growth, cloud-native technology environment.
- Demonstrated expertise with GRC platforms (e.g., Vanta) to automate and scale compliance operations
- Ability to translate complex regulatory and audit requirements (e.g., ISO, SOC 2) into clear, documented, and actionable engineering work-streams.
- Strong commitment to cross-functional collaboration with IT, Security, GTM, and Engineering
- Self-motivated, detailed and organized, with a diligent approach to project completion
- Excellent written, verbal, and interpersonal communication skills
- Solve Hard Problems: Tackle challenges at the forefront of AI infrastructure, from low-latency inference to scalable model serving.
- Build What’s Next: Work with bleeding-edge technology that impacts how businesses and developers harness AI globally.
- Ownership & Impact: Join a fast-growing, passionate team where your work directly shapes the future of AI—no bureaucracy, just results.
- Learn from the Best: Collaborate with world-class engineers and AI researchers who thrive on curiosity and innovation.