What are the responsibilities and job description for the Sr. GRC Manager position at OP Recruiting?
Job Title
Sr. GRC Manager
Location
Remote
About The Opportunity
We are seeking a strategic GRC professional to take full ownership of the governance and compliance architecture for a high-growth SaaS organization. In this critical role, you will serve as the primary architect for SOC 2 readiness and vendor risk management, building a defensible security posture that earns trust from global financial institutions. If you enjoy optimizing audit-ready frameworks and leveraging modern automation to scale compliance operations, this is your next career move.
Responsibilities
- Strategic Governance: Establish and refine the overarching framework for corporate policies, risk registries, and control exceptions, providing regular visibility to executive leadership.
- Audit Management: Direct all phases of the SOC 2 lifecycle, from initial readiness assessments and evidence collection strategy to auditor liaison and final remediation efforts.
- Third-Party Risk Management: Supervise the end-to-end vendor risk program and lead security due diligence inquiries (DDQs/SIGs) to facilitate seamless customer onboarding.
- Compliance Infrastructure: Oversee the centralized repository for compliance documentation and manage the public-facing security trust portal to streamline transparency.
- Workflow Optimization: Integrate AI-driven tools into existing compliance processes to increase reporting velocity without sacrificing audit integrity or accuracy.
Qualifications
- Professional Experience: At least 4 to 7 years of dedicated experience in GRC, IT audit, or security compliance, specifically within the SaaS or financial technology sectors.
- Technical Proficiency: Demonstrated history of leading SOC 2 audits from inception to completion within cloud-native environments.
- Framework Knowledge: Deep familiarity with industry-standard security frameworks, including NIST, ISO 27001, or CIS.
- Communication: Exceptional written and verbal skills, with the ability to translate complex compliance requirements for diverse internal and external stakeholders.
- Industry Credentials: Possession of relevant certifications such as CISA, CISM, CRISC, CISSP, or CCSK.
- Specialized Exposure: Previous experience managing security compliance for customers in highly regulated financial sectors.
- Tooling: Hands-on experience with automated compliance platforms and trust center management tools.
Compensation
- Competitive Salary: [Include range if known - Note: California law requires salary transparency in job postings].
- Benefits: Comprehensive insurance, retirement plans, and modern work-life balance perks.