Member of GRC Staff
Runway
Artificial Intelligence
Open to hiring remote across the US
Full-Time
Staff
Salary: 150,000 - 210,000 USD per year
Job Details
- Experience: 7+ years
- Required Skills: Machine Learning, Compliance, Risk Management
Requirements
- 7+ years of experience in information security, risk management, or compliance roles
- Deep understanding of security frameworks and standards (NIST, ISO 27001, SOC 2)
- Hands-on experience running SOC 2 Type II and ISO 27001 audits
- Experience building compliance programs in fast-paced technology environments
- Strong knowledge of privacy regulations and requirements (GDPR, CCPA) including operational experience handling data subject access and deletion requests
- Experience completing customer security questionnaires and supporting Sales on security due diligence
- Excellent communication skills with the ability to effectively engage technical and non-technical stakeholders
- Experience with cloud security and modern development practices
- Understanding of machine learning concepts and AI development workflows
- Experience in an AI/ML company or research organization (preferred)
- Experience with AI safety and ethics frameworks (preferred)
- Background in implementing automated security controls (preferred)
Responsibilities
- Design and implement a comprehensive GRC framework that addresses both traditional security controls and novel AI safety considerations
- Lead engagements with external auditors and assessors to obtain and maintain critical security certifications (SOC 2, ISO 27001/27701/42001, FedRAMP, etc.)
- Own and help fulfill GDPR data subject requests, including access (DSARs) and erasure/deletion requests
- Review and redline the security and data protection terms of customer and vendor contracts (TOMs, DPAs, MSAs) in partnership with Legal
- Partner with AI research teams to develop and implement appropriate safeguards and controls for machine learning systems
- Create and maintain security policies, standards, and procedures
- Maintain AI governance documentation and internal AI usage guidelines
- Develop and oversee security awareness and training programs
- Drive continuous improvement of security controls and risk management processes
- Serve as a key advisor to leadership on security, privacy, and AI safety matters