Senior Director, GRC Engineering

Posted about 2 months ago
United States, Full-Time, GRC Engineering
Company: Vanta
Location: United States
Languages: English
Seniority level: Director, 10+ years
Experience: 10+ years
Skills:
Leadership, Cybersecurity, People Management, Compliance, Risk Management
Requirements:
- 10+ years of experience working in the Governance, Risk, and Compliance industry.
- Strong leadership experience and ability to lead a team from a foundation of transparency and trust.
- Experience working with security and privacy frameworks, including SOC 2, ISO 27001, ISO 27701, and FedRAMP.
- Demonstrable expertise in SOC 2, ISO 27001, and NIST 800-53 at minimum.
- Experience managing a large team of people (10+).
- Experience working and interfacing with C-level customer contacts.
- Technical expertise to understand and explain security and GRC concepts.
- Familiarity with Cloud Infrastructure, Risk Management, Policy Management, Security Training and Awareness, Vendor Risk Management, Vulnerability Management, and their related security processes.
- Experience in building productive relationships and driving collaboration with both technical and non-technical teams.
- Knowledge of the audit process and experience owning SOC 2, ISO, and FedRAMP audits.
- Security compliance management experience within a SaaS environment preferred.
- Professional customer-facing experience preferred.
- Security certifications (e.g., CISA, CISSP) and/or formal education strongly preferred.
Responsibilities:
- Oversee governance, risk, and compliance functions (Vendor Risk Management, Risk Management, Policy Management, Training and Awareness, Customer Trust).
- Ensure ongoing compliance with SOC 2 and ISO certifications.
- Drive the evolution of the program to meet FedRAMP Authorization (Moderate 20x and Moderate Rev 5).
- Lead and grow a team of security professionals.
- Drive GRC Engineering concepts and automated compliance strategies.
- Shape internal GRC strategy and be an external voice.
- Provide expert feedback to Engineering, Product, and Design teams on product offerings.
- Represent Vanta's products, vision, and voice externally.
- Participate in the CISO leadership team and collaborate with Security Engineering and Operations leaders.
- Track team performance and report goals to leaders outside of the security team.
- Partner with Sales and Customer Success to represent the Trust Management Platform.
- Become an expert on Vanta's security features and best practices.
- Serve as Vanta customer zero by testing and implementing Vanta capabilities.
- Coordinate with cross-functional teams to provide customer updates on features and programs.
About the Company
Vanta
501-1000 employees, Internet