Director, GRC

Tines

Location:
United States

Contract Type:
Not provided

Salary:

250000.00 - 265000.00 USD / Year

Job Description:

Founded in 2018 with co-headquarters in Dublin and Boston, Tines powers some of the world's most important workflows. Our intelligent workflow platform applies AI, automation, and integration with human ingenuity to drive real business results. Tines serves a diverse range of customers, from startups to public companies. As an integrator across the entire tech stack, Tines is vendor-agnostic, integrating with any API-enabled service. This flexibility enables our customers to achieve their highest-priority goals faster. And because Tines is secure and private by design, it’s popular with security, IT, engineering, finance, and other security-focused teams. At Tines, we're driven by our values of Simplicity, Speed, and Soundness. We're committed to delivering exceptional customer experiences while fostering a company culture that nurtures individual curiosity, growth, and integrity.

Job Responsibility:

  • Define and execute Tines' multi-year GRC strategy aligned with business objectives
  • Own the compliance roadmap, prioritizing certifications and frameworks based on customer needs and revenue impact
  • Serve as executive sponsor for all compliance programs, providing visibility and reporting to C-suite and Board of Directors
  • Build business cases for compliance investments, demonstrating ROI and competitive advantage
  • Monitor evolving compliance landscape, anticipating regulatory changes
  • Lead, mentor, and grow a team of GRC professionals
  • Scale the team strategically as Tines grows
  • Foster cross-functional collaboration with Engineering, Product, Sales, Legal, IT, Security, and HR teams
  • Drive Tines' FedRAMP authorization to successful completion
  • Establish ongoing FedRAMP continuous monitoring and reauthorization processes
  • Build relationships with government stakeholders, agencies, and partners
  • Maintain and optimize SOC 2 Type II compliance
  • Lead ISO 27001 audits and other framework expansions
  • Establish and mature vendor risk management, third-party risk assessment, and supply chain security programs
  • Implement enterprise risk management processes
  • Own the information security policy framework
  • Manage relationships with external auditors, 3PAOs, and assessors
  • Own the customer security assurance experience, including questionnaire responses, audit coordination, and Trust Center management
  • Partner with Sales and Customer Success to support enterprise deals requiring compliance evidence
  • Build scalable processes to handle increasing volume of security assessments
  • Represent Tines externally at customer meetings, industry events, and with auditors
  • Champion the use of Tines' platform to automate compliance workflows, evidence collection, control testing, and reporting
  • Build a "compliance-as-code" culture
  • Establish metrics and dashboards for real-time compliance posture visibility
  • Serve as an internal advocate and external case study for how automation transforms GRC

Requirements:

  • 12+ years of progressive experience in GRC, information security, or risk management
  • At least 5 years in a leadership role
  • Proven track record leading FedRAMP authorization efforts from planning through ATO
  • Deep expertise in multiple compliance frameworks: SOC 2, ISO 27001, FedRAMP, NIST 800-53
  • Experience building and scaling GRC teams and programs in high-growth SaaS or technology companies
  • Strong executive presence with ability to influence C-suite and Board-level stakeholders
  • Demonstrated success managing complex, multi-workstream compliance programs with competing priorities
  • Exceptional communication skills with the ability to translate technical compliance requirements into business value
  • Strategic mindset with hands-on execution capability
  • Experience partnering with Sales, Engineering, Product, and Legal teams to operationalize compliance
  • Applicants must be authorized to work for any employer in the U.S.
  • Must be based in the United States

Nice to have:

  • Industry certifications such as CISSP, CISA, CISM, or CRISC
  • Experience achieving FedRAMP authorization for a SaaS platform
  • Background in compliance automation, GRC tooling, or security orchestration
  • Experience with privacy regulations and programs (GDPR, CCPA, data governance)
  • Knowledge of cloud security architecture and controls (AWS, Azure, GCP)
  • Prior experience in a startup or hypergrowth environment (Series B-D stage)
  • Familiarity with DevSecOps, infrastructure-as-code, and modern engineering practices
  • Experience using or implementing workflow automation platforms
  • Active participation in industry groups (CSA, FedRAMP PMO community, etc.)

What we offer:

  • Competitive salary
  • Startup equity & extended exercise window
  • Matching retirement plans
  • Home office setup
  • Private healthcare plans
  • 25 days annual leave
  • Extra company holidays
  • Generous parental leave programs
  • Flexibility in how and where you work
  • Phone and home Internet allowance

Additional Information:

Job Posted:
January 26, 2026

Employment Type:
Fulltime
Work Type:
Remote work

Similar Jobs for Director, GRC

Director, GRC, Privacy, & Trust

We’re looking for an experienced security leader to grow and mature the Governan...
Location:
United States; Canada
Salary:
258000.00 - 350000.00 USD / Year
1Password
Expiration Date:
Until further notice
Requirements:
  • 8+ years leading GRC and privacy programs, including experience with international audits, risk management frameworks, and privacy regulations
  • 5+ years experience managing individual contributors as well as experience managing other managers
  • Proven expertise in policy development, risk assessment, compliance monitoring, and privacy program management
  • Passion for fostering psychological safety and stability in complex compliance environments
  • Hands-on experience with various information security and privacy compliance frameworks such as SOC 2 Type II, ISO 27001, FedRAMP, CMMC, GDPR, and CPRA
  • Experience with security and privacy automation tools for compliance monitoring and knowledge management
  • Experience leading company-wide compliance initiatives, securing buy-in for security and privacy policies, and leading cross functional programs
  • Experience partnering on customer contracts, including security addendums and compliance terms, balancing customer expectations and business needs
  • Exceptional written and verbal communication skills with ability to communicate effectively with executives, legal counsel, and stakeholders
  • Experience managing third-party risk, vendor assessments, and external auditors
Job Responsibility:
  • Lead and mentor the GRC and Privacy Engineering team, fostering career growth and high performance
  • Drive the organization's risk management strategy and oversee the implementation of risk assessment frameworks
  • Develop and maintain information security and privacy policies, ensuring regular reviews and updates
  • Establish strong partnerships across departments to align on security and compliance initiatives
  • Engage with customers, in partnership with Sales and Legal, to represent security in RFPs, due diligence, and security assessments
  • Oversee 1Password’s various information security and privacy certification processes ensuring compliance with relevant frameworks and regulations
  • Monitor and report on compliance metrics and program effectiveness
  • Partner with legal and security teams to assess and mitigate business, technical, and regulatory risks
  • Oversee relationships with external auditors and consultants
What we offer:
  • Maternity and parental leave top-up programs
  • Generous PTO policy
  • Four company-wide wellness days
  • Company equity for all full-time employees
  • Retirement matching program
  • Free 1Password account
  • Paid volunteer days
  • Employee-led inclusion and belonging programs and ERGs
  • Peer-to-peer recognition through Bonusly
Employment Type:
Fulltime

Director - Governance, Risk and Compliance

We are a fast-growing fintech company seeking a proactive and highly organized G...
Location:
United States, New York
Salary:
175000.00 - 200000.00 USD / Year
Clear Street
Expiration Date:
Until further notice
Requirements:
  • 7+ years of experience in GRC, security compliance, risk management, or related functions
  • Strong understanding of common security frameworks (SOC 2, ISO 27001, NIST CSF, PCI-DSS)
  • Experience managing audits end-to-end
  • Demonstrated ability to build and maintain governance processes and cross-functional compliance programs
  • Excellent documentation, communication, and stakeholder-management skills
  • Experience in technology, fintech, financial services, or other highly regulated industries
Job Responsibility:
  • Develop, maintain, and manage the company’s security and compliance policy framework
  • Ensure policies are current, properly communicated, approved, and effectively implemented across the organization
  • Oversee periodic reviews of all internal policies
  • Educate teams on policy requirements and drive adherence
  • Build, implement, and continuously refine the company’s cyber security risk management framework
  • Lead risk identification, assessment, scoring, and periodic re-evaluations
  • Maintain the corporate risk register
  • Manage all internal and external audits including SOC 2, ISO 27001, regulatory exams, and customer due-diligence requests
  • Coordinate and prepare audit evidence
  • Serve as the primary liaison with external auditors, security assessors, and regulatory bodies
What we offer:
  • Competitive compensation packages
  • Company equity
  • 401k matching
  • Gender-neutral parental leave
  • Full medical, dental and vision insurance
  • Lunch stipends
  • Fully stocked kitchens
  • Happy hours
Employment Type:
Fulltime

Sr. Director, Cybersecurity Governance, Risk & Compliance

The Sr. Director of Cybersecurity Governance, Risk Management, and Compliance (G...
Location:
United States
Salary:
173500.00 - 419500.00 USD / Year
Hewlett Packard Enterprise
Expiration Date:
Until further notice
Requirements:
  • Bachelor's degree or higher in Information Technology, Cybersecurity, Computer Science, or a related field
  • Minimum of 10 years of experience in cybersecurity and/or IT Risk, with at least 5 years focus on GRC
  • Proven track record in a senior leadership role within a large organization
  • Experience in developing and implementing cybersecurity strategies
  • Strong knowledge of relevant regulations and standards, such as GDPR, NIST CSF, and ISO 27001
  • Exceptional leadership and management skills
  • Strong analytical and problem-solving abilities
  • Excellent communication and interpersonal skills
  • Ability to work collaboratively across departments and build consensus
  • Proficient in cybersecurity technologies and tools.
Job Responsibility:
  • Define and execute a comprehensive cybersecurity GRC strategy that aligns with business objectives and legal/regulatory requirements
  • Partner with cross-functional teams, including Legal, IT, Audit, and Business Units, to integrate security and compliance requirements into business processes
  • Recruit, mentor, and develop a high-performing team of GRC professionals
  • Develop and maintain the cybersecurity governance framework, ensuring it aligns with the organization's overall business objectives
  • Create policies, procedures, and guidelines that support the cybersecurity strategy
  • Ensure compliance with industry standards, regulations, and best practices
  • Identify, assess, and prioritize cybersecurity risks facing the organization
  • Develop risk mitigation strategies and allocate resources to address key risk areas
  • Collaborate with other departments to integrate risk management practices across the organization
  • Monitor and report on the effectiveness of risk management strategies
What we offer:
  • Comprehensive suite of benefits supporting physical, financial, and emotional wellbeing
  • Career development programs to help achieve career goals
  • Inclusive work environment valuing diverse backgrounds.
Employment Type:
Fulltime

Director, Security GRC Program Lead

Meta is seeking a highly skilled Security GRC Program Manager to join our Risk O...
Location:
United States, Bellevue
Salary:
227000.00 - 287000.00 USD / Year
Meta
Expiration Date:
Until further notice
Requirements:
  • Significant experience as a leader and contributor in security risk management and compliance, including providing second-line oversight
  • Strong track record of operating effectively and influencing outcomes with Engineering, Product, GRC, and Legal partners
  • Extensive experience with Governance, Risk, and Compliance (GRC) and Legal functions
  • Deep expertise in security, with the ability to holistically understand relevant issues, partners, and products, and go deep on technical details
  • Proven ability to identify critical issues, balance competing priorities, translate technical and regulatory concepts for diverse audiences, and personally drive initiatives to completion
  • In-depth knowledge of complex global regulatory requirements (e.g., GDPR, SEC, PCI-DSS, NYDFS)
  • Demonstrated ability to build strong formal and informal networks with key influencers and decision makers inside and outside the company
  • Experience working in integrated privacy-security environments or familiarity with unified GRC frameworks across multiple risk domains
Job Responsibility:
  • Lead and deliver on deeply complex, high-impact projects that shape Meta's risk profile and business trajectory
  • Proactively identify long-term, critical, and ambiguous problems, setting a clear vision and strategy for risk management in alignment with company goals
  • Partner with Central Security teams to analyze, streamline, and consolidate issues and risks from all sources (1LoD, 2LoD, 3LoD, external) into a clear, prioritized list for first-line-of-defense consumption and actioning
  • Integrate security risk management with Meta's Security Prioritization Framework (SPF) and contribute to capability maturity assessments to drive risk-based prioritization across the organization
  • Define and maintain clear interfaces and points of contact with the Security organization and other key partners, ensuring efficient governance and communication
  • Prepare regular updates and compliance documents to ensure Meta meets board and regulatory obligations, adapting processes and strategies to evolving regulatory and business environments
  • Drive cross-org execution, collaborating with Risk, Security, Legal, Product, and Engineering functions to deliver results and maximize impact
  • Champion organizational efforts to build and sustain diversity, culture, recruitment, onboarding, mentoring, and development programs, serving as a role model and mentor for others
  • Integrate learnings and best practices from/to sister 2LoD organizations (e.g., Integrity GRC, Privacy GRC), and partner with Product & Engineering teams on necessary second-line-of-defense tooling within the unified GRC framework
What we offer:
  • bonus
  • equity
  • benefits

Director of Partnerships

A very well positioned Enterprise Governance, Risk, and Compliance SaaS company ...
Location:
United States, New York
Salary:
200000.00 USD / Year
Strategic Employment Partners
Expiration Date:
Until further notice
Requirements:
  • MUST HAVE knowledge/experience in the GRC space
  • ideally in a Partnerships capacity (could be Head of, Director, Manager)
Job Responsibility:
  • lead/stand up their Partnerships ecosystem
  • own this yet untapped revenue channel and grow the Partnerships function from scratch
Employment Type:
Fulltime

Director, Security & Compliance

As Director, Security & Compliance, you’ll be responsible for building and manag...
Location:
United States, San Francisco
Salary:
Not provided
Instabase
Expiration Date:
Until further notice
Requirements:
  • Extensive experience in security compliance, successfully leading compliance projects, risk assessments and audits
  • FedRAMP (NIST 800-53), GDPR, SOC2, HIPAA and ISO 27001 auditing and implementation experience
  • Experience working with Engineering teams within the modern cloud / SaaS technology space
  • Excellent written and verbal communication skills
Job Responsibility:
  • Formulate and drive GRC roadmap, security policies, vendor security reviews and security training
  • Initiate, own and lead new security & compliance programs and audits GDPR, SOC2, HIPAA and ISO 27001
  • Establish and continuously improve standards, processes, tooling and procedures for audit and compliance management
  • Collaborate and work cross-functionally across the company to deliver successful security compliance programs, partnering with Engineering, Product, GTM, Legal and HR teams
  • Work with external auditors to achieve security compliance certifications and reports
  • Regularly report on status, operational metrics and KPIs, providing transparency to company Leadership and internal stakeholder teams
What we offer:
  • Flexible PTO
  • Instabreak Fridays: Enjoy 6 company-wide Friday breaks scheduled throughout the year
  • Comprehensive Coverage: Top-notch medical, dental, and vision insurance
  • 401(k) with Matching
  • Parental Leave & Fertility Benefits
  • Therapy Sessions Covered: 10 free sessions through Samata Health
  • Wellness Stipend
  • Lunch on Us: Enjoy a lunch credit when you're in the office
Employment Type:
Fulltime

Director, Information Security

The Director of Information Security leads the enterprise security function to p...
Location:
United States, Reston
Salary:
Not provided
Bowman
Expiration Date:
Until further notice
Requirements:
  • Minimum of fifteen (15) years of progressive IT experience, including at least six (6) years in information security roles
  • Bachelor’s degree in computer science, cybersecurity, or related field required; advanced degree preferred
  • One or more advanced security certifications required (e.g., CISSP, CISM, CISA, CCSP)
  • Proven experience building and leading security teams
  • Strong knowledge of enterprise security architecture, security operations, GRC frameworks, and risk management
  • Experience with Microsoft O365, Azure AD, virtual networks, firewalls, and modern security toolsets
  • Familiarity with frameworks such as NIST CSF, ISO 27001, CIS Controls, CMMC
Job Responsibility:
  • Report to the CIO/CISO and contribute to executive-level decision making on security matters
  • Provide strategic leadership over the information security function, including technical operations, GRC, and incident response
  • Supervise a growing team of security professionals, with responsibility for hiring, performance management, training, and development
  • Build and execute a multi-year information security roadmap aligned with business goals and evolving threat landscapes
  • Collaborate with IT, Legal, HR, Marketing, Compliance, Product, and business units to implement practical, risk-based security controls and policies across the enterprise
  • Serve as a subject matter expert on cybersecurity, advising stakeholders across the enterprise
  • Communicate risk posture, security metrics and program maturity to executive leadership and governance bodies
  • Lead the design, implementation, and continuous improvement of secure enterprise architectures, ensuring protection of data, applications, and infrastructure
  • Oversee technical security operations, including endpoint security (EDR/XDR & MDM), vulnerability management, logging and detection (SIEM, SOAR, threat intelligence, UEBA, CSPM/ASM), data protection (DLP, classification, encryption, backup and governance), application and DevSecOps (SAST/DAST, SBOM, secrets, API and container security), and cloud/infrastructure security (CWPP, IaC scanning, and hybrid/cloud hardening)
  • Develop and implement comprehensive GRC programs addressing risk management, compliance standards (e.g., NIST 800-171, CMMC, ISO, CIS), customer requirements, audit readiness, policy management, and vendor risk
What we offer:
  • Medical, dental, vision, life, and disability insurance
  • 401(k) retirement savings plan with company match
  • Paid time off, sick leave, and paid holidays
  • Tuition reimbursement and professional development support
  • Discretionary bonuses and other performance-based incentives
  • Employee Assistance Program (EAP), wellness initiatives, and employee discounts
Employment Type:
Fulltime

Governance and Conduct Risk Manager

The Governance and Conduct Risk Manager will be responsible for developing, impl...
Location:
United Arab Emirates, Dubai
Salary:
Not provided
Citi
Expiration Date:
Until further notice
Requirements:
  • Bachelor's degree in Finance, Business Administration, Law, Economics, or a related field
  • Master's degree or relevant professional certifications (e.g., FRM, PRM, CAMS, ICA qualifications) are a plus
  • Understanding of banking regulations, corporate governance principles, and conduct risk expectations
  • Excellent analytical and problem-solving abilities
  • Exceptional verbal and written communication skills
  • Strong ability to build relationships and collaborate effectively across all levels of the organization
  • Ability to think strategically and translate regulatory requirements into practical business solutions
  • Proven ability to manage multiple projects simultaneously
  • Unquestionable integrity and ethical standards
  • Proficient in Microsoft Office Suite
Job Responsibility:
  • Design, develop, and implement the bank's governance and conduct risk framework
  • Ensure framework integrates with enterprise risk management framework
  • Develop and maintain robust control environment for governance and conduct risks
  • Conduct regular risk assessments
  • Analyze emerging regulatory requirements and industry trends
  • Facilitate workshops with business units
  • Establish and monitor key risk indicators and key performance indicators
  • Develop comprehensive reports for senior management and Board of Directors
  • Oversee tracking and resolution of governance and conduct risk issues
  • Provide expert advice to business units on governance and conduct risk matters
Employment Type:
Fulltime