Director, GRC, Privacy, & Trust, 1Password

1Password

Location:
United States; Canada

Category:
IT - Administration

Contract Type:
Employment contract

Salary:

258000.00 - 350000.00 USD / Year

Save Job

Apply Position

Job Description:

We’re looking for an experienced security leader to grow and mature the Governance, Risk, Compliance (GRC), Privacy, & Trust function here at 1Password. You will be responsible for audit and compliance, risk management, security governance, privacy engineering, privacy policy & reviews, and growing customer trust. You will lead and expand a high performing team, mature processes, communicate to different segments of the company, and ensure we continue to uphold the trust our customers have placed in us. As a member of the security leadership team, you will also partner with other leaders across security and the company to drive great security outcomes for our customers.

Job Responsibility:

Lead and mentor the GRC and Privacy Engineering team, fostering career growth and high performance
Drive the organization's risk management strategy and oversee the implementation of risk assessment frameworks
Develop and maintain information security and privacy policies, ensuring regular reviews and updates
Establish strong partnerships across departments to align on security and compliance initiatives
Engaging with customers, in partnership with Sales and Legal, to represent security in RFPs, due diligence, and security assessments
Oversee 1Password’s various information security and privacy certification processes ensuring compliance with relevant frameworks and regulations
Monitor and report on compliance metrics and program effectiveness
Partner with legal and security teams to assess and mitigate business, technical, and regulatory risks
Oversee relationships with external auditors and consultants

Requirements:

8+ years leading GRC and privacy programs, including experience with international audits, risk management frameworks, and privacy regulations
5+ years experience managing individual contributors as well as experience managing other managers
Proven expertise in policy development, risk assessment, compliance monitoring, and privacy program management
Passion for fostering psychological safety and stability in complex compliance environments
Hands-on experience with various information security and privacy compliance frameworks such as SOC 2 Type II, ISO 27001, FedRAMP, CMMC, GDPR, and CPRA
Experience with security and privacy automation tools for compliance monitoring and knowledge management
Experience leading company-wide compliance initiatives, securing buy-in for security and privacy policies, and leading cross functional programs
Experience partnering on customer contracts, including security addendums and compliance terms, balancing customer expectations and business needs
Exceptional written and verbal communication skills with ability to communicate effectively with executives, legal counsel, and stakeholders
Experience managing third-party risk, vendor assessments, and external auditors

What we offer:

Maternity and parental leave top-up programs
Generous PTO policy
Four company-wide wellness days
Company equity for all full-time employees
Retirement matching program
Free 1Password account
Paid volunteer days
Employee-led inclusion and belonging programs and ERGs
Peer-to-peer recognition through Bonusly

Additional Information:

Job Posted:
May 01, 2025

Employment Type:

Fulltime

Work Type:

Remote work

View All Jobs In This Company

Job Link Share:

Director, GRC, Privacy, & Trust