CrawlJobs Logo

Director, Governance Risk Compliance

United States, Austin 191000.00 - 278000.00 USD / Year · Job Posted February 18, 2026
Apply Position
Job Link Share

Job Description

Gong harnesses the power of AI to transform how revenue teams win. The Gong Revenue AI Operating System unifies data, insights, and workflows into a single, trusted system that observes, guides, and acts alongside the world’s most successful revenue teams. Powered by the Gong Revenue Graph, AI-powered intelligence, specialized agents, and trusted applications, Gong helps more than 5,000 companies around the world deeply understand their teams and customers, automate critical sales workflows, and close more deals with less effort. For more information, visit www.gong.io. At Gong, you will join a company built on innovative products, ambitious goals, and passionate people. We are shaping the future of revenue intelligence and we want people who are excited to build what comes next. You will work with a team that dreams big, moves fast, and cares deeply about the craft and about each other. Here, transparency and trust are core to how we operate, and every person has the opportunity to make a visible impact. If you want to grow, stretch, and do work that truly matters, Gong is the place to do the best work of your career. As a leader of trust operations, you’ll play a key role in ensuring trust and security are core to our product. This will be a hands-on position as we mature our security team and you will be responsible for improving and automating our compliance program.

Job Responsibility

  • Manage Certification program (ISO, PCI, SOC2, HIPAA etc.)
  • Ensure compliance with applicable controls based on a unified control framework
  • Manage customer audits and questionnaires
  • Cloud security
  • Security awareness training
  • Contract reviews
  • Third party risk management

Requirements

  • 12+ years of compliance experience
  • Building a compliance program in a cloud environment
  • In-depth knowledge of control frameworks
  • Ability to be hands on
  • Familiarity with attack frameworks and mitigation

Nice to have

  • Experience managing customer audits is a plus
  • Privacy experience is a plus

What we offer

  • We offer Gongsters a variety of medical, dental, and vision plans, designed to fit you and your family’s needs
  • Wellbeing Fund - flexible wellness stipend to support a healthy lifestyle
  • Mental Health benefits with covered therapy and coaching
  • 401(k) program to help you invest in your future
  • Education & learning stipend for personal growth and development
  • Flexible vacation time to promote a healthy work-life blend
  • Paid parental leave to support you and your family
  • Company-wide recharge days each quarter
  • Work from home stipend to help you succeed in a remote environment

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Director, Governance Risk Compliance

8 matching positions

Executive Director, Governance, Risk and Compliance

Executive Director, Information Security is a leadership role responsible for th...
Location
Location
United States , Los Angeles
Salary
Salary:
270282.00 - 333051.00 USD / Year
amgen.com Logo
Amgen
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Doctorate degree & 6 years of information security experience
  • Master’s degree & 10 years of information security experience
  • Bachelor’s degree & 12 years of information security experience
  • 6 years of managerial experience directly managing people and/or leadership experience leading teams, projects, programs or directing the allocation of resources
Job Responsibility
Job Responsibility
  • Set vision and strategy for Amgen’s digital Governance, Risk and Compliance efforts globally
  • Provide oversight and assurance for Amgen’s Information Security program in alignment with ISO 27002:2022
  • Oversee Technology’s Document Management Services (DMS)
  • Work with Quality, Finance and Security leadership to provide oversight and effectively manage GxP, Security and SOX deviations and corrective and preventive actions (CAPAs)
  • Partner with Corporate Audit and the Technology Extended Leadership Team to manage audit responses
  • Oversee Amgen’s Global Records and Information Management operations
  • Work with key stakeholders to improve compliance capabilities (e.g., GxP agile validation and process simplification)
  • Manage and oversee Amgen’s Risk services, including third-party business enablement and Amgen’s digital risk register
  • Deliver timely transparency reports and metrics to key stakeholders and senior business leadership (e.g., Chief Financial Officer, Chief Information Officer, Chief Information Security Officer, Quality leadership, etc.)
  • Maintain outstanding service delivery and collaborate diligently with global functional teams to achieve continuous improvement of governance, risk, and compliance services
What we offer
What we offer
  • Comprehensive employee benefits package, including a Retirement and Savings Plan with generous company contributions, group medical, dental and vision coverage, life and disability insurance, and flexible spending accounts
  • A discretionary annual bonus program, or for field sales representatives, a sales-based incentive plan
  • Stock-based long-term incentives
  • Award-winning time-off plans and bi-annual company-wide shutdowns
  • Flexible work models, including remote work arrangements, where possible
  • Fulltime
Read More
Arrow Right

Director of Governance, Risk, Compliance and Trust

Everlaw is seeking a pragmatic and execution-oriented Director of GRCT to lead o...
Location
Location
United States , Oakland
Salary
Salary:
230000.00 - 312000.00 USD / Year
everlaw.com Logo
Everlaw
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ years of experience in Information Security, Risk, or Compliance
  • Senior ownership of FedRAMP Moderate/High programs from authorization through steady-state operations
  • Hands-on experience implementing modern GRC automation platforms
  • Experience driving a shift from manual compliance processes toward Continuous Control Monitoring
  • Strong risk judgment, evaluating control gaps, exception requests, and architectural trade-offs pragmatically
  • Technical literacy to lead Security Impact Analyses (SIA) and embed compliance into DevOps and CI/CD workflows
  • Experience supporting customer assurance and GTM efforts—from complex security questionnaires to executive-level conversations
  • Operational and people leadership skills, skilled at establishing operating rhythms, defining meaningful program metrics, driving predictable execution, and coaching high-ownership teams
  • Clear and credible communicator, able to distill complex technical and regulatory topics
  • Bachelor’s degree in Information Security, Computer Science, Engineering, Information Systems, or a related field (or equivalent practical experience)
Job Responsibility
Job Responsibility
  • Public Sector Compliance Ownership: Own Everlaw’s public sector compliance posture, including FedRAMP and GovRAMP authorization and ongoing maintenance
  • Regulatory & Contractual Requirements: Ensure compliance with specialized regulatory and contractual requirements (e.g., CJIS, FTI)
  • Global & Industry Certifications: Accountable for global and industry certifications, including SOC 2, ISO 27001/27017/27018, UK CE+, GDPR, and HIPAA
  • Audit Readiness & Execution: Ensure sustained audit readiness through clear control ownership, effective evidence management, and scalable compliance processes
  • Strategic Certifications & Market Access: Own the go/no-go framework for pursuing new certifications or regulatory authorizations (e.g., ISO 42001)
  • Regulatory Awareness: Continuously monitor emerging regulatory and industry requirements and advise leadership on impact, readiness, and timing
  • Security Risk Identification & Management: Oversee the identification, assessment, and tracking of information security risks
  • Security Impact Analysis (SIA): Partner with Security Engineering to lead the SIA process for major system, infrastructure, and product changes
  • Third-Party Security Risk: Oversee the vendor security risk lifecycle, from onboarding through ongoing monitoring and renewal
  • Pragmatic Governance & Decision Support: Maintain security policies, standards, and exception processes
What we offer
What we offer
  • Equity program
  • 401(k) retirement plan with company matching
  • Health, dental, and vision
  • Flexible Spending Accounts for health and dependent care expenses
  • Paid parental leave and approximately 10 days (80 hours) per year of sick leave
  • Seventeen paid vacation days plus 11 federal holidays
  • Membership to Modern Health to help employees prioritize mental health and wellness
  • Annual allocation for Learning & Development opportunities and applicable professional membership dues
  • Company-sponsored life and disability insurance
  • Work in Uptown Oakland, just steps from the BART line and dozens of restaurants and walking distance to Lake Merritt
  • Fulltime
Read More
Arrow Right

Director of Governance and Risk Compliance

Scale is seeking a highly experienced and motivated Director of Governance, Risk...
Location
Location
United States , San Francisco
Salary
Salary:
302400.00 - 378000.00 USD / Year
scale.com Logo
Scale
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ years of progressive experience in GRC, compliance, or related legal/regulatory roles, with demonstrated success building or scaling compliance programs
  • Demonstrated success in building and leading high-quality compliance programs and teams
  • Experience designing and operating an Enterprise Risk Management program
  • Deep knowledge of applicable regulatory frameworks, including SOC 2, ISO 27001, FedRAMP, GDPR, and CPRA
  • Experience with U.S. Government contract compliance requirements (FAR, DFARS, NIST 800-171, CMMC)
  • Excellent communicator with the ability to break down complex requirements into easy-to-understand and practical systems
  • Thrive in fast-paced, high-growth environments with ambiguity and competing priorities
  • Love collaborating with talented professionals across many disciplines—product, design, security, engineering, marketing, and more
Job Responsibility
Job Responsibility
  • Lead the GRC function at Scale, including compliance governance, compliance advisory, risk management, and regulatory compliance
  • Manage and develop a team of compliance professionals spanning governance, assurance, and GRC engineering to build scalable systems and processes
  • Own and mature Scale's Enterprise Risk Management (ERM) program, including risk identification, assessment, mitigation, and reporting
  • Partner with Legal, Security, Product, Engineering, and Operations, among other teams, to help guide Scale's growth in a highly scrutinized space
  • Own or contribute to Scale's AI governance strategy, including monitoring and operationalizing emerging AI regulations (EU AI Act, NIST AI RMF, state AI laws)
  • Help set and drive vision for how GRC can not only help protect Scale, but serve as a differentiator and competitive advantage
  • Represent the team with internal and external stakeholders (partners, regulators, etc.)
  • Take a strategic, long-term view of compliance while still being willing to get into the weeds on specific compliance issues
What we offer
What we offer
  • Comprehensive health, dental and vision coverage
  • retirement benefits
  • a learning and development stipend
  • generous PTO
  • equity based compensation
  • additional benefits such as a commuter stipend
  • Fulltime
Read More
Arrow Right

Director of Technology - Governance, Risk, and Compliance

We are seeking a Director of Technology - Governance, Risk, and Compliance to de...
Location
Location
United States , San Jose
Salary
Salary:
219000.00 - 290000.00 USD / Year
archer.com Logo
Archer Aviation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 8 plus years of experience in Technical Governance, Risk, and Compliance, Risk Management, Audit, or Information Security
  • Minimum of 3 years in a director or senior manager role leading a GRC function or compliance program
  • Expert-level understanding of NIST CSF, SP 800-171, and CMMC Level 2 frameworks
  • Hands-on experience managing NIST CSF, 800-171 compliance programs or leading CMMC Level 2 assessments and certification initiatives
  • Strong knowledge of SOX Section 404 requirements, particularly IT General Controls (ITGC)
  • Deep understanding of ITAR and EAR export control regulations
  • Proficiency in risk management methodologies
  • Experience designing and operating control frameworks (ISO 27001, NIST CSF, SOC 2 Type II)
  • Strong communication skills to present complex compliance and risk concepts
  • Demonstrated ability to lead and mentor teams, manage budgets, and drive cross-functional initiatives
Job Responsibility
Job Responsibility
  • Develop and execute a comprehensive Cyber-focused Governance, Risk, and Compliance (GRC) strategy
  • Lead the design and implementation of System Security Plans (SSPs) and Plans of Action and Milestones (POA&Ms)
  • Establish and manage an enterprise-wide risk management program
  • Design and enforce a control framework
  • Conduct or coordinate regular compliance assessments and internal audits
  • Manage relationships with external auditors, assessors, and regulators
  • Develop and maintain comprehensive compliance documentation
  • Lead the design of third-party and vendor risk management processes
  • Drive compliance training and awareness programs across the organization
  • Stay current with emerging regulatory changes
  • Fulltime
Read More
Arrow Right

Director, Risk & Compliance Management

Parexel is in the business of improving the world’s health. We do this by provid...
Location
Location
United Kingdom
Salary
Salary:
Not provided
parexel.com Logo
Parexel
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's Degree in Business, Technology, Quality, Engineering, Life Sciences or related discipline required
  • Master's Degree in Business, Technology, Quality or related discipline preferred
  • Relevant certifications such as PMP, ITIL, Lean Six Sigma, COBIT, ISO, SAFe or equivalent preferred
  • Proven leadership capability with experience building, developing and leading high-performing teams across complex, global and regulated environments
  • Deep expertise in governance, QMS, SOP management, compliance, operational process management and risk-based quality oversight
  • Strong understanding of SDLC governance, Agile, DevOps, cloud, SaaS and modern technology delivery models within regulated or GxP environments
  • Demonstrated ability to lead vendor governance, supplier oversight, third-party risk management and enterprise transformation or governance maturity initiatives
  • Excellent stakeholder management, executive communication, strategic thinking and problem-solving skills, with the ability to balance compliance, innovation and operational efficiency
  • Advanced level relevant experience in IT governance, compliance, process excellence, operational risk management or related disciplines, including significant experience within global organisations
  • Strong leadership and people management experience, including leading governance, operational excellence, compliance or transformation functions in complex matrix environments
Job Responsibility
Job Responsibility
  • Supporting the Executive Director in leading enterprise wide quality compliance, governance, operational process excellence, vendor governance and risk management functions across Parexel’s global Data & Technology (D&T) organisation
  • Providing strategic and operational oversight for governance frameworks, Quality Management System (QMS) alignment, SDLC governance, supplier oversight, risk management and compliance by design practices supporting regulated and non-regulated technology environments
  • Serving as a senior leader responsible for strengthening operational discipline, inspection readiness, regulatory confidence and enterprise governance maturity while enabling modern, scalable and agile technology delivery
  • Support enterprise audit, regulatory inspection readiness, inspection coordination, audit responses and remediation activities
  • Own and continuously improve QMS processes, SOP governance, controlled document lifecycle management and associated standards, templates and work instructions
  • Support enterprise SDLC governance, change management, release management and operational control processes across the technology lifecycle
  • Drive standardisation, harmonisation, process simplification and compliance by design across governance and delivery processes
  • Lead vendor qualification, governance, oversight and risk management for suppliers, cloud providers, strategic technology partners and outsourced delivery teams
  • Define and maintain supplier governance strategies, technical agreements, service expectations, performance monitoring and risk frameworks aligned to regulatory and operational expectations
  • Develop, maintain and continuously improve D&T quality and operational risk frameworks, including criteria, tolerance, appetite, dashboards and executive-level reporting
What we offer
What we offer
  • competitive base salary
  • car allowance
  • bonus
  • holiday
  • other leading benefits
  • Fulltime
Read More
Arrow Right

Head of Governance, Risk & Compliance

Lead the design and execution of the organization’s GRC strategy, ensuring it al...
Location
Location
Egypt , New Cairo
Salary
Salary:
Not provided
ethicshr.com Logo
Ethics HR
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s or Master’s degree in Business Administration, Risk Management, Cybersecurity, Law, or a related field from a reputable university
  • Minimum of 10 years of experience in governance, risk management, compliance
  • Strong knowledge of GRC frameworks, industry standards, and regulatory requirements (e.g., ISO 27001, NIST, GDPR, SOX, HIPAA)
  • Relevant certifications such as CISM, CRISC, CISA, or similar GRC certifications are highly preferred
  • Proven track record of successful full leadership
  • Excellent command of English
Job Responsibility
Job Responsibility
  • Lead the design and execution of the organization’s GRC strategy, ensuring it aligns with corporate goals and objectives
  • Develop and implement governance frameworks, risk management processes, and compliance programs that adhere to regulatory requirements and industry standards
  • Oversee the risk management process, including risk identification, assessment, mitigation, and monitoring
  • Ensure compliance with relevant laws, regulations, and internal policies, including data protection, cybersecurity, financial, and operational regulations
  • Establish and maintain a strong risk management and compliance culture throughout the organization
  • Provide leadership and guidance to cross-functional teams to ensure effective implementation of GRC initiatives
  • Lead internal and external audits, managing the process and ensuring timely remediation of identified issues
  • Monitor and report on the organization’s risk posture and compliance status to executive leadership and the board
  • Develop, implement, and maintain policies and procedures to address risks and compliance obligations
  • Provide training and awareness programs to employees on GRC topics, fostering compliance and risk-conscious behavior
Read More
Arrow Right

Manager, IT Governance, Risk & Compliance

Reporting to the Director, IT Governance, Risk & Compliance, the GRC Manager is ...
Location
Location
Canada , Toronto
Salary
Salary:
85000.00 - 125000.00 CAD / Year
fourseasons.com Logo
Four Seasons
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree or equivalent business qualifications
  • Minimum 5 years of experience with PCI standard and GRC methodologies
  • Information Security Certification or Accreditation is an asset
  • Professional security management certifications are highly preferred (ie. CISSP, CRISC)
  • PCI Compliance: Strong understanding of PCI DSS requirements and the use of compliance tools to support adherence to the standards
  • Reporting & Analytics: Proficient in reporting tools for creating dashboards, analyzing program data, and generating compliance and risk reports that support leadership decision‑making
  • IT Governance: Strong knowledge of governance frameworks such as COBIT and ISO 27001, applying these structures to strengthen compliance and manage risks effectively
  • Ticketing & ITIL: Proficient in ITIL‑based ticketing systems such as ServiceNow to manage incidents, problems, and changes, ensuring smooth service delivery and timely issue resolution
  • Risk Management: Comprehensive understanding of IT and cybersecurity risk practices, including identifying and evaluating risks and supporting remediation efforts
  • Change Management: Experienced in managing and reviewing IT change requests to assess compliance and risk impact, ensuring proper approvals, documentation, and alignment with internal change governance processes
Job Responsibility
Job Responsibility
  • Lead the Corporate Office PCI compliance Program, including: Define, collect, and conduct internal reviews for the Corporate Quarterly PCI compliance cycles
  • Lead the planning, evidence collection, and internal review processes for the Corporate Annual PCI assessment
  • Scheduling and participating in all audit-related meetings to ensure consistent communication between teams and the QSA
  • Overseeing remediation of audit findings and tracking progress to closure
  • Work closely with the QSA to ensure the successful annual renewal of the company’s AoC (Attestation of Compliance) and RoC (Report of Compliance) as a Level 1 service provider
  • Facilitating the Corporate annual tabletop major incident response exercise with Corporate TID teams
  • Maintain and update the company’s IT policies, standards, and procedures
  • develop new documentation and RACI matrices
  • communicate changes to relevant stakeholders
  • conduct reviews as required
  • Fulltime
Read More
Arrow Right

Cybersecurity Governance, Risk, Compliance, Training & Resilience Manager

We are hiring a Manager to lead the day-to-day execution of cybersecurity Govern...
Location
Location
United States , Boston
Salary
Salary:
120000.00 - 180000.00 USD / Year
aptiv.com Logo
Aptiv plc
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 7–10+ years of cybersecurity risk, compliance, audit, or GRC program experience
  • Experience managing or contributing to ISO 27001, NIST 800-171, SOX, GDPR, or TISAX efforts
  • Proficiency with GRC platforms and internal controls execution
  • Strong writing and documentation skills
  • Must reside in Greater Boston area with ability to be present on site at least 3 days/weekly
  • United States Citizenship required
Job Responsibility
Job Responsibility
  • Lead execution of GRC programs across Aptiv and Wind River, including control maintenance, risk register updates, and audit readiness
  • Maintain documentation, controls, and audit-ready evidence for ISO 27001, NIST 800-171, TISAX, SOX, NIS2, CMMC and GDPR across both Aptiv and Wind River, incorporating new regulatory or customer requirements as they arise
  • Administer GRC tooling (ZenGRC, AuditBoard, ServiceNow), ensuring accuracy, auditability, and workflow continuity
  • Manage internal risk exceptions, maturity roadmaps, and control owners’ engagement
  • Provide daily operational support to maintain compliance posture and support regulatory assessments
  • Own documentation and execution for business impact assessments (BIAs), continuity planning, and tabletop exercises
  • Coordinate resilience planning with cross-functional partners including IT, Facilities, Cyber Defense, and Legal
  • Maintain continuity playbooks, incident response records, and recovery planning materials
  • Provide execution support for Wind River’s third-party risk assessments, evidence collection, and remediation tracking
  • Execute and drive enforcement of cybersecurity right-to-audit clauses with vendors and partners
What we offer
What we offer
  • Hybrid work model for workplace flexibility
  • Comprehensive health, dental, and life insurance
  • Short and long-term disability coverage
  • RRSP matching for financial security
  • Flexible time-off policies for work-life balance
  • Employee assistance program for mental well-being
  • Learning benefits, including a LinkedIn Learning subscription and seminars
  • Fulltime
Read More
Arrow Right