Governance, Risk & Compliance Manager

7+ years of experience in Governance, Risk, and Compliance, preferably within a SaaS or cloud-native company. Experience designing and implementing risk management frameworks. Familiarity with SOC 2, ISO 27001, or other compliance frameworks. Experience with Vanta or similar compliance automation platforms. Working understanding of AWS environments, SaaS architectures, and DevOps practices. Excellent organization and communication skills.

Build and mature the enterprise risk management framework. Develop and implement data-driven risk analysis. Lead GRC policy design and implementation. Ensure Disaster Recovery and Business Continuity Plans are current. Design and implement company-wide training materials. Facilitate risk and compliance updates with leadership and the board. Coordinate ongoing SOC 2 Type 2 audit cycle. Liaise with external auditors and manage audit requests. Track and coordinate remediation of audit findings. Own and manage Vanta for continuous compliance. Maintain integrations across corporate applications, AWS, and production infrastructure. Track evidence collection, control testing, and remediation. Manage user access reviews, asset inventory, and control ownership within Vanta. Coordinate and respond to customer security questionnaires. Support completion of vendor risk assessments. Evaluate GRC and compliance automation tools. Monitor regulatory and industry trends. Partner with Engineering and Security teams to embed compliance into workflows.