Cloud Security GRC Specialist

Meta

Location:
United States, Bellevue

Contract Type:
Not provided

Salary:

153000.00 - 209000.00 USD / Year

Job Description:

Meta's Security Governance, Risk and Compliance function (Security GRC) serves as the primary hub for Security risk management and compliance across the company, providing support to Meta and its family of apps. Within Security GRC, the Cloud Security GRC function is a horizontal capability providing guidance and direction to first line teams in making Meta’s Cloud platforms secure, available and compliant.

At Meta, we understand the significance of security, data protection, and privacy for the billions of people who use our services. We are committed to ensuring compliance with applicable laws and regulations such as the General Data Protection Regulation (GDPR), the European Electronic Communications Code (EECC), the Network and Information Security Directive (NIS2), and others, while enabling the business to rapidly and securely use appropriate Cloud solutions.

We are currently seeking highly experienced and motivated information security professionals to join our Cloud Security Function to continue to develop Cloud Security GRC capabilities. This role is critical in driving change and ensuring compliance with these and other obligations. As part of this role, you will collaborate closely with engineers, analysts, technical program managers, business stakeholders, legal teams, and risk & compliance teams across the Meta organization. You will bring a comprehensive understanding of various aspects of information security and the ability to apply this knowledge to solve problems at scale. This role demands a blend of business and technical acumen, proven communication skills, and a keen desire to learn. Our goal is to make Meta the premier place to work for governance, risk, compliance, security, and integrity professionals.

Job Responsibility:

  • Lead significant programs of work across various levels of cross-functional (XFN) teams in Cloud Security and Cloud GRC areas
  • Collaborate with team members and stakeholders to understand or identify defined work problems and program goals, obtain prioritized deliverables, and discuss program impact
  • Design, implement, and/or assess security controls and frameworks
  • Implement maturity frameworks across multiple programs factoring in emerging regulations and proactive detection of risks
  • Assess and document emerging regulatory impact on established policy and control frameworks
  • Identify, communicate, and collaborate with relevant stakeholders within one or more teams to drive impact and work toward mutual goals
  • Establish learnings, best practices, standardized frameworks and tools across GRC and related teams
  • Develop detailed program/project plans in partnership with cross-functional teams
  • Identify opportunities for information sharing, process improvement and automation
  • Support business travel on an as-needed basis (up to 10%)

Requirements:

  • 7+ years of experience in information security and/or technology risk including one or more domains (e.g., access management, vulnerability management, change management, business continuity, application security, asset management)
  • Demonstrable familiarity with key Cloud Security, Risk Management and Compliance concepts
  • 4+ years of hands-on security experience with at least one of the major CSPs (AWS, GCP, Azure)
  • Experience in a GRC function overseeing Cloud implementations at scale
  • Experience in designing and implementing control frameworks
  • Experience in assessing security deficiencies in information systems and recommending mitigating controls in a corporate environment
  • Familiarity with compliance frameworks and regulatory requirements such as NIST, CSA CCM, ISO 27001, ISO 27018, SOC 2, GDPR, EECC, eDP, NIS2, and other relevant structures
  • Bachelor's Degree in Computer Science, Information Systems, Engineering, Cybersecurity or related field or equivalent experience

Nice to have:

  • Security industry qualification (CISSP, CISM, CISA or similar)
  • Cloud-specific certifications (CCSP, AWS Certified Security Specialist, CCSK, etc.)
  • Master's Degree in Computer Science, Information Systems, Engineering, Cybersecurity or related field

What we offer:

  • bonus
  • equity
  • benefits

Additional Information:

Job Posted:
January 23, 2026
