CrawlJobs Logo

Director, GRC

tines.com Logo

Tines

Location Icon

Location:
United States

Category Icon
Category:
IT - Administration

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

250000.00 - 265000.00 USD / Year
Save Job
Save Icon
Apply Position

Job Description:

Founded in 2018 with co-headquarters in Dublin and Boston, Tines powers some of the world's most important workflows. Our intelligent workflow platform applies AI, automation, and integration with human ingenuity to drive real business results. Tines serves a diverse range of customers, from startups to public companies. As an integrator across the entire tech stack, Tines is vendor-agnostic integrating with any API-enabled service. This flexibility enables our customers to achieve their highest-priority goals faster. And because Tines is secure and private by design, it’s popular with security, IT, engineering, finance, and other security-focused teams. At Tines, we're driven by our values of Simplicity, Speed, and Soundness. We're committed to delivering exceptional customer experiences while fostering a company culture that nurtures individual curiosity, growth, and integrity.

Job Responsibility:

  • Define and execute Tines' multi-year GRC strategy aligned with business objectives
  • Own the compliance roadmap, prioritizing certifications and frameworks based on customer needs and revenue impact
  • Serve as executive sponsor for all compliance programs, providing visibility and reporting to C-suite and Board of Directors
  • Build business cases for compliance investments, demonstrating ROI and competitive advantage
  • Monitor evolving compliance landscape, anticipating regulatory changes
  • Lead, mentor, and grow a team of GRC professionals
  • Scale the team strategically as Tines grows
  • Foster cross-functional collaboration with Engineering, Product, Sales, Legal, IT, Security, and HR teams
  • Drive Tines' FedRAMP authorization to successful completion
  • Establish ongoing FedRAMP continuous monitoring and reauthorization processes
  • Build relationships with government stakeholders, agencies, and partners
  • Maintain and optimize SOC 2 Type II compliance
  • Lead ISO 27001 audits and other framework expansions
  • Establish and mature vendor risk management, third-party risk assessment, and supply chain security programs
  • Implement enterprise risk management processes
  • Own the information security policy framework
  • Manage relationships with external auditors, 3PAOs, and assessors
  • Own the customer security assurance experience, including questionnaire responses, audit coordination, and Trust Center management
  • Partner with Sales and Customer Success to support enterprise deals requiring compliance evidence
  • Build scalable processes to handle increasing volume of security assessments
  • Represent Tines externally at customer meetings, industry events, and with auditors
  • Champion the use of Tines' platform to automate compliance workflows, evidence collection, control testing, and reporting
  • Build a "compliance-as-code" culture
  • Establish metrics and dashboards for real-time compliance posture visibility
  • Serve as an internal advocate and external case study for how automation transforms GRC

Requirements:

  • 12+ years of progressive experience in GRC, information security, or risk management
  • At least 5 years in a leadership role
  • Proven track record leading FedRAMP authorization efforts from planning through ATO
  • Deep expertise in multiple compliance frameworks: SOC 2, ISO 27001, FedRAMP, NIST 800-53
  • Experience building and scaling GRC teams and programs in high-growth SaaS or technology companies
  • Strong executive presence with ability to influence C-suite and Board-level stakeholders
  • Demonstrated success managing complex, multi-workstream compliance programs with competing priorities
  • Exceptional communication skills with the ability to translate technical compliance requirements into business value
  • Strategic mindset with hands-on execution capability
  • Experience partnering with Sales, Engineering, Product, and Legal teams to operationalize compliance
  • Applicants must be authorized to work for any employer in the U.S.
  • Must be based in the United States

Nice to have:

  • Industry certifications such as CISSP, CISA, CISM, or CRISC
  • Experience achieving FedRAMP authorization for a SaaS platform
  • Background in compliance automation, GRC tooling, or security orchestration
  • Experience with privacy regulations and programs (GDPR, CCPA, data governance)
  • Knowledge of cloud security architecture and controls (AWS, Azure, GCP)
  • Prior experience in a startup or hypergrowth environment (Series B-D stage)
  • Familiarity with DevSecOps, infrastructure-as-code, and modern engineering practices
  • Experience using or implementing workflow automation platforms
  • Active participation in industry groups (CSA, FedRAMP PMO community, etc.)
What we offer:
  • Competitive salary
  • Startup equity & extended exercise window
  • Matching retirement plans
  • Home office setup
  • Private healthcare plans
  • 25 days annual leave
  • Extra company holidays
  • Generous parental leave programs
  • Flexibility in how and where you work
  • Phone and home Internet allowance

Additional Information:

Job Posted:
January 26, 2026

Employment Type:
Fulltime
Work Type:
Remote work
Icon
Tines - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Director, GRC

Director - Governance, Risk and Compliance

We are a fast-growing fintech company seeking a proactive and highly organized G...
Location
Location
United States , New York
Salary
Salary:
175000.00 - 200000.00 USD / Year
clearstreet.io Logo
Clear Street
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 7+ years of experience in GRC, security compliance, risk management, or related functions
  • Strong understanding of common security frameworks (SOC 2, ISO 27001, NIST CSF, PCI-DSS)
  • Experience managing audits end-to-end
  • Demonstrated ability to build and maintain governance processes and cross-functional compliance programs
  • Excellent documentation, communication, and stakeholder-management skills
  • Experience in technology, fintech, financial services, or other highly regulated industries
Job Responsibility
Job Responsibility
  • Develop, maintain, and manage the company’s security and compliance policy framework
  • Ensure policies are current, properly communicated, approved, and effectively implemented across the organization
  • Oversee periodic reviews of all internal policies
  • Educate teams on policy requirements and drive adherence
  • Build, implement, and continuously refine the company’s cyber security risk management framework
  • Lead risk identification, assessment, scoring, and periodic re-evaluations
  • Maintain the corporate risk register
  • Manage all internal and external audits including SOC 2, ISO 27001, regulatory exams, and customer due-diligence requests
  • Coordinate and prepare audit evidence
  • Serve as the primary liaison with external auditors, security assessors, and regulatory bodies
What we offer
What we offer
  • Competitive compensation packages
  • Company equity
  • 401k matching
  • Gender-neutral parental leave
  • Full medical, dental and vision insurance
  • Lunch stipends
  • Fully stocked kitchens
  • Happy hours
  • Fulltime
Read More
Arrow Right

Sr. Director, Cybersecurity Governance, Risk & Compliance

The Sr. Director of Cybersecurity Governance, Risk Management, and Compliance (G...
Location
Location
United States
Salary
Salary:
173500.00 - 419500.00 USD / Year
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree or higher in Information Technology, Cybersecurity, Computer Science, or a related field
  • Minimum of 10 years of experience in cybersecurity and/or IT Risk, with at least 5 years focus on GRC
  • Proven track record in a senior leadership role within a large organization
  • Experience in developing and implementing cybersecurity strategies
  • Strong knowledge of relevant regulations and standards, such as GDPR, NIST CSF, and ISO 27001
  • Exceptional leadership and management skills
  • Strong analytical and problem-solving abilities
  • Excellent communication and interpersonal skills
  • Ability to work collaboratively across departments and build consensus
  • Proficient in cybersecurity technologies and tools.
Job Responsibility
Job Responsibility
  • Define and execute a comprehensive cybersecurity GRC strategy that aligns with business objectives and legal/regulatory requirements
  • Partner with cross-functional teams, including Legal, IT, Audit, and Business Units, to integrate security and compliance requirements into business processes
  • Recruit, mentor, and develop a high-performing team of GRC professionals
  • Develop and maintain the cybersecurity governance framework, ensuring it aligns with the organization's overall business objectives
  • Create policies, procedures, and guidelines that support the cybersecurity strategy
  • Ensure compliance with industry standards, regulations, and best practices
  • Identify, assess, and prioritize cybersecurity risks facing the organization
  • Develop risk mitigation strategies and allocate resources to address key risk areas
  • Collaborate with other departments to integrate risk management practices across the organization
  • Monitor and report on the effectiveness of risk management strategies
What we offer
What we offer
  • Comprehensive suite of benefits supporting physical, financial, and emotional wellbeing
  • Career development programs to help achieve career goals
  • Inclusive work environment valuing diverse backgrounds.
  • Fulltime
Read More
Arrow Right

Manager, IT Governance, Risk & Compliance

Reporting to the Director, IT Governance, Risk & Compliance, the GRC Manager is ...
Location
Location
Canada , Toronto
Salary
Salary:
85000.00 - 125000.00 CAD / Year
fourseasons.com Logo
Four Seasons
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree or equivalent business qualifications
  • Minimum 5 years of experience with PCI standard and GRC methodologies
  • Information Security Certification or Accreditation is an asset
  • Professional security management certifications are highly preferred (ie. CISSP, CRISC)
  • PCI Compliance: Strong understanding of PCI DSS requirements and the use of compliance tools to support adherence to the standards
  • Reporting & Analytics: Proficient in reporting tools for creating dashboards, analyzing program data, and generating compliance and risk reports that support leadership decision‑making
  • IT Governance: Strong knowledge of governance frameworks such as COBIT and ISO 27001, applying these structures to strengthen compliance and manage risks effectively
  • Ticketing & ITIL: Proficient in ITIL‑based ticketing systems such as ServiceNow to manage incidents, problems, and changes, ensuring smooth service delivery and timely issue resolution
  • Risk Management: Comprehensive understanding of IT and cybersecurity risk practices, including identifying and evaluating risks and supporting remediation efforts
  • Change Management: Experienced in managing and reviewing IT change requests to assess compliance and risk impact, ensuring proper approvals, documentation, and alignment with internal change governance processes
Job Responsibility
Job Responsibility
  • Lead the Corporate Office PCI compliance Program, including: Define, collect, and conduct internal reviews for the Corporate Quarterly PCI compliance cycles
  • Lead the planning, evidence collection, and internal review processes for the Corporate Annual PCI assessment
  • Scheduling and participating in all audit-related meetings to ensure consistent communication between teams and the QSA
  • Overseeing remediation of audit findings and tracking progress to closure
  • Work closely with the QSA to ensure the successful annual renewal of the company’s AoC (Attestation of Compliance) and RoC (Report of Compliance) as a Level 1 service provider
  • Facilitating the Corporate annual tabletop major incident response exercise with Corporate TID teams
  • Maintain and update the company’s IT policies, standards, and procedures
  • develop new documentation and RACI matrices
  • communicate changes to relevant stakeholders
  • conduct reviews as required
  • Fulltime
Read More
Arrow Right

Senior Security Program Manager

As a Senior Security Program Manager, you will drive execution of Keyrock’s high...
Location
Location
Salary
Salary:
Not provided
keyrock.com Logo
Keyrock
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 7+ years in security program management / technical program management / security operations program delivery
  • Demonstrated experience running cross-functional programs across engineering and operations (scope, schedule, risks, dependencies)
  • Strong technical fluency in cloud/infra, identity/access, vulnerability management, security monitoring, and incident processes
  • Excellent written/verbal communication with the ability to translate complex risk into clear priorities
Job Responsibility
Job Responsibility
  • Own a portfolio of security programs (planning, resourcing, milestones, dependencies, risk/issue management, and outcomes)
  • Create and maintain multi-quarter roadmaps aligned to Keyrock’s business and operating model across venues and services (CEX/DEX and liquidity services)
  • Establish governance and operating cadence: steering meetings, status reporting, program reviews, and executive updates
  • Support the CISO in delivering firmwide initiatives
  • Partner with Security and Engineering teams to drive key initiatives such as: access governance, secrets management, vulnerability remediation, security logging/monitoring improvements, endpoint/security baseline, and secure SDLC enablement
  • Help mature control coverage and evidence for internal/external assurance needs (as applicable in a financial-services context)
  • Partner with the Director of GRC to support GRC and audit initiatives
  • Partner with Security Operations to improve incident preparedness through playbooks, tabletop exercises, lessons learned, and operational runbooks—ensuring security response stays effective in a high-availability trading environment
  • Act as the “glue” across technical and business stakeholders—clarifying ownership, unblocking delivery, and keeping programs moving with crisp communication
  • Build lightweight, scalable processes that improve security consistency without slowing teams
  • Fulltime
Read More
Arrow Right

Director, Security GRC Program Lead

Meta is seeking a highly skilled Security GRC Program Manager to join our Risk O...
Location
Location
United States , Bellevue
Salary
Salary:
227000.00 - 287000.00 USD / Year
meta.com Logo
Meta
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Significant experience as a leader and contributor in security risk management and compliance, including providing second-line oversight
  • Strong track record of operating effectively and influencing outcomes with Engineering, Product, GRC, and Legal partners
  • Extensive experience with Governance, Risk, and Compliance (GRC) and Legal functions
  • Deep expertise in security, with the ability to holistically understand relevant issues, partners, and products, and go deep on technical details
  • Proven ability to identify critical issues, balance competing priorities, translate technical and regulatory concepts for diverse audiences, and personally drive initiatives to completion
  • In-depth knowledge of complex global regulatory requirements (e.g., GDPR, SEC, PCI-DSS, NYDFS)
  • Demonstrated ability to build strong formal and informal networks with key influencers and decision makers inside and outside the company
  • Experience working in integrated privacy-security environments or familiarity with unified GRC frameworks across multiple risk domains
Job Responsibility
Job Responsibility
  • Lead and deliver on deeply complex, high-impact projects that shape Meta's risk profile and business trajectory
  • Proactively identify long-term, critical, and ambiguous problems, setting a clear vision and strategy for risk management in alignment with company goals
  • Partner with Central Security teams to analyze, streamline, and consolidate issues and risks from all sources (1LoD, 2LoD, 3LoD, external) into a clear, prioritized list for first-line-of-defense consumption and actioning
  • Integrate security risk management with Meta's Security Prioritization Framework (SPF) and contribute to capability maturity assessments to drive risk-based prioritization across the organization
  • Define and maintain clear interfaces and points of contact with the Security organization and other key partners, ensuring efficient governance and communication
  • Prepare regular updates and compliance documents to ensure Meta meets board and regulatory obligations, adapting processes and strategies to evolving regulatory and business environments
  • Drive cross-org execution, collaborating with Risk, Security, Legal, Product, and Engineering functions to deliver results and maximize impact
  • Champion organizational efforts to build and sustain diversity, culture, recruitment, onboarding, mentoring, and development programs, serving as a role model and mentor for others
  • Integrate learnings and best practices from/to sister 2LoD organizations (e.g., Integrity GRC, Privacy GRC), and partner with Product & Engineering teams on necessary second-line-of-defense tooling within the unified GRC framework
What we offer
What we offer
  • bonus
  • equity
  • benefits
Read More
Arrow Right

Head of Governance, Risk & Compliance

Lead the design and execution of the organization’s GRC strategy, ensuring it al...
Location
Location
Egypt , New Cairo
Salary
Salary:
Not provided
ethicshr.com Logo
Ethics HR
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s or Master’s degree in Business Administration, Risk Management, Cybersecurity, Law, or a related field from a reputable university
  • Minimum of 10 years of experience in governance, risk management, compliance
  • Strong knowledge of GRC frameworks, industry standards, and regulatory requirements (e.g., ISO 27001, NIST, GDPR, SOX, HIPAA)
  • Relevant certifications such as CISM, CRISC, CISA, or similar GRC certifications are highly preferred
  • Proven track record of successful full leadership
  • Excellent command of English
Job Responsibility
Job Responsibility
  • Lead the design and execution of the organization’s GRC strategy, ensuring it aligns with corporate goals and objectives
  • Develop and implement governance frameworks, risk management processes, and compliance programs that adhere to regulatory requirements and industry standards
  • Oversee the risk management process, including risk identification, assessment, mitigation, and monitoring
  • Ensure compliance with relevant laws, regulations, and internal policies, including data protection, cybersecurity, financial, and operational regulations
  • Establish and maintain a strong risk management and compliance culture throughout the organization
  • Provide leadership and guidance to cross-functional teams to ensure effective implementation of GRC initiatives
  • Lead internal and external audits, managing the process and ensuring timely remediation of identified issues
  • Monitor and report on the organization’s risk posture and compliance status to executive leadership and the board
  • Develop, implement, and maintain policies and procedures to address risks and compliance obligations
  • Provide training and awareness programs to employees on GRC topics, fostering compliance and risk-conscious behavior
Read More
Arrow Right

Director of Security, GRC

Join us in building the future of finance. Our mission is to democratize finance...
Location
Location
United States , Menlo Park; New York
Salary
Salary:
255000.00 - 300000.00 USD / Year
robinhood.com Logo
Robinhood
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Proven senior security leader with over 10 years of experience, specializing in scaling through technology, the management of risk, compliance, and business continuity programs
  • 5+ years of experience working with or within US and international financial regulatory environments
  • Proven track record building and scaling GRC programs in highly regulated, fast-paced industries, focused on automation first tooling
  • Strong verbal and written communication and executive presence, with experience preparing and presenting board-level security updates
  • Professional certifications such as CISSP, CISM, CRISC, or equivalent
  • Familiarity with GRC and program management tools (e.g., Jira, Archer, or ServiceNow)
  • Experience with NIST CSF, 800-53 R5, federal and international security assessments.
Job Responsibility
Job Responsibility
  • Lead the development, automation, and execution of our enterprise security risk management framework, driving mitigation strategies and board-level risk reporting
  • Direct policy development and exception management processes, ensuring effective governance of security standards and exceptions
  • Oversee enterprise business continuity and disaster recovery programs, including execution of simulation exercises and continuous refinement
  • Manage strategic compliance initiatives, coordinating with legal, compliance, and operational teams to meet regulatory requirements and prepare for audits
  • Serve as the primary liaison for security-related board reporting, quantitative risk management, and regulatory engagements, shaping the external and internal narrative on risk
What we offer
What we offer
  • Performance driven compensation with multipliers for outsized impact, bonus programs, equity ownership, and 401(k) matching
  • 100% paid health insurance for employees with 90% coverage for dependents
  • Lifestyle wallet – a highly flexible benefits spending account for wellness, learning, and more
  • Employer-paid life & disability insurance, fertility benefits, and mental health benefits
  • Time off to recharge including company holidays, paid time off, sick time, parental leave, and more
  • Exceptional office experience with catered meals, events, and comfortable workspaces
  • Fulltime
Read More
Arrow Right

Director of Security, GRC

Join us in building the future of finance. Our mission is to democratize finance...
Location
Location
United States , Menlo Park; New York
Salary
Salary:
255000.00 - 300000.00 USD / Year
robinhood.com Logo
Robinhood
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Proven senior security leader with over 10 years of experience, specializing in scaling through technology, the management of risk, compliance, and business continuity programs
  • 5+ years of experience working with or within US and international financial regulatory environments
  • Proven track record building and scaling GRC programs in highly regulated, fast-paced industries, focused on automation first tooling
  • Strong verbal and written communication and executive presence, with experience preparing and presenting board-level security updates
  • Professional certifications such as CISSP, CISM, CRISC, or equivalent
  • Familiarity with GRC and program management tools (e.g., Jira, Archer, or ServiceNow)
  • Experience with NIST CSF, 800-53 R5, federal and international security assessments.
Job Responsibility
Job Responsibility
  • Lead the development, automation, and execution of our enterprise security risk management framework, driving mitigation strategies and board-level risk reporting
  • Direct policy development and exception management processes, ensuring effective governance of security standards and exceptions
  • Oversee enterprise business continuity and disaster recovery programs, including execution of simulation exercises and continuous refinement
  • Manage strategic compliance initiatives, coordinating with legal, compliance, and operational teams to meet regulatory requirements and prepare for audits
  • Serve as the primary liaison for security-related board reporting, quantitative risk management, and regulatory engagements, shaping the external and internal narrative on risk
What we offer
What we offer
  • Performance driven compensation with multipliers for outsized impact, bonus programs, equity ownership, and 401(k) matching
  • 100% paid health insurance for employees with 90% coverage for dependents
  • Lifestyle wallet – a highly flexible benefits spending account for wellness, learning, and more
  • Employer-paid life & disability insurance, fertility benefits, and mental health benefits
  • Time off to recharge including company holidays, paid time off, sick time, parental leave, and more
  • Exceptional office experience with catered meals, events, and comfortable workspaces
  • Fulltime
Read More
Arrow Right
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Ireland Jobs Poland Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
CrawlJobs Group
ITFlashcards AllDevBlogs
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy