Director of Governance and Risk Compliance

Location: United States, San Francisco · Salary: 302400.00 - 378000.00 USD / Year · Job Posted February 20, 2026

Job Description

Scale is seeking a highly experienced and motivated Director of Governance, Risk, and Compliance to build and lead our centralized GRC function to protect and advance the company. We are seeking someone to mature and lead the GRC function, helping to set a strategic, long-term vision, partnering cross-functionally across Scale, and representing Scale's GRC functions with partners, regulators, and other stakeholders.

Job Responsibility

  • Lead the GRC function at Scale, including compliance governance, compliance advisory, risk management, and regulatory compliance
  • Manage and develop a team of compliance professionals spanning governance, assurance, and GRC engineering to build scalable systems and processes
  • Own and mature Scale's Enterprise Risk Management (ERM) program, including risk identification, assessment, mitigation, and reporting
  • Partner with Legal, Security, Product, Engineering, and Operations, among other teams, to help guide Scale's growth in a highly scrutinized space
  • Own or contribute to Scale's AI governance strategy, including monitoring and operationalizing emerging AI regulations (EU AI Act, NIST AI RMF, state AI laws)
  • Help set and drive vision for how GRC can not only help protect Scale, but serve as a differentiator and competitive advantage
  • Represent the team with internal and external stakeholders (partners, regulators, etc.)
  • Take a strategic, long-term view of compliance while still being willing to get into the weeds on specific compliance issues

Requirements

  • 10+ years of progressive experience in GRC, compliance, or related legal/regulatory roles, with demonstrated success building or scaling compliance programs
  • Demonstrated success in building and leading high-quality compliance programs and teams
  • Experience designing and operating an Enterprise Risk Management program
  • Deep knowledge of applicable regulatory frameworks, including SOC 2, ISO 27001, FedRAMP, GDPR, and CPRA
  • Experience with U.S. Government contract compliance requirements (FAR, DFARS, NIST 800-171, CMMC)
  • Excellent communicator with the ability to break down complex requirements into easy-to-understand and practical systems
  • Thrive in fast-paced, high-growth environments with ambiguity and competing priorities
  • Love collaborating with talented professionals across many disciplines—product, design, security, engineering, marketing, and more

Nice to have

  • Experience with AI governance frameworks and emerging AI regulatory requirements
  • Experience building a compliance team that helped take a company public
  • Deep knowledge of DoD-specific compliance requirements and security frameworks

What we offer

  • Comprehensive health, dental and vision coverage
  • Retirement benefits
  • A learning and development stipend
  • Generous PTO
  • Equity-based compensation
  • Additional benefits such as a commuter stipend

Similar Jobs for Director of Governance and Risk Compliance

8 matching positions

Director of Governance, Risk, Compliance and Trust

Everlaw is seeking a pragmatic and execution-oriented Director of GRCT to lead o...
Location: United States, Oakland
Salary: 230000.00 - 312000.00 USD / Year
Company: Everlaw
Expiration Date: Until further notice
Requirements
  • 10+ years of experience in Information Security, Risk, or Compliance
  • Senior ownership of FedRAMP Moderate/High programs from authorization through steady-state operations
  • Hands-on experience implementing modern GRC automation platforms
  • Experience driving a shift from manual compliance processes toward Continuous Control Monitoring
  • Strong risk judgment, evaluating control gaps, exception requests, and architectural trade-offs pragmatically
  • Technical literacy to lead Security Impact Analyses (SIA) and embed compliance into DevOps and CI/CD workflows
  • Experience supporting customer assurance and GTM efforts—from complex security questionnaires to executive-level conversations
  • Operational and people leadership skills, skilled at establishing operating rhythms, defining meaningful program metrics, driving predictable execution, and coaching high-ownership teams
  • Clear and credible communicator, able to distill complex technical and regulatory topics
  • Bachelor’s degree in Information Security, Computer Science, Engineering, Information Systems, or a related field (or equivalent practical experience)
Job Responsibility
  • Public Sector Compliance Ownership: Own Everlaw’s public sector compliance posture, including FedRAMP and GovRAMP authorization and ongoing maintenance
  • Regulatory & Contractual Requirements: Ensure compliance with specialized regulatory and contractual requirements (e.g., CJIS, FTI)
  • Global & Industry Certifications: Accountable for global and industry certifications, including SOC 2, ISO 27001/27017/27018, UK CE+, GDPR, and HIPAA
  • Audit Readiness & Execution: Ensure sustained audit readiness through clear control ownership, effective evidence management, and scalable compliance processes
  • Strategic Certifications & Market Access: Own the go/no-go framework for pursuing new certifications or regulatory authorizations (e.g., ISO 42001)
  • Regulatory Awareness: Continuously monitor emerging regulatory and industry requirements and advise leadership on impact, readiness, and timing
  • Security Risk Identification & Management: Oversee the identification, assessment, and tracking of information security risks
  • Security Impact Analysis (SIA): Partner with Security Engineering to lead the SIA process for major system, infrastructure, and product changes
  • Third-Party Security Risk: Oversee the vendor security risk lifecycle, from onboarding through ongoing monitoring and renewal
  • Pragmatic Governance & Decision Support: Maintain security policies, standards, and exception processes
What we offer
  • Equity program
  • 401(k) retirement plan with company matching
  • Health, dental, and vision
  • Flexible Spending Accounts for health and dependent care expenses
  • Paid parental leave and approximately 10 days (80 hours) per year of sick leave
  • Seventeen paid vacation days plus 11 federal holidays
  • Membership to Modern Health to help employees prioritize mental health and wellness
  • Annual allocation for Learning & Development opportunities and applicable professional membership dues
  • Company-sponsored life and disability insurance
  • Work in Uptown Oakland, just steps from the BART line and dozens of restaurants and walking distance to Lake Merritt
  • Fulltime

Director of Technology - Governance, Risk, and Compliance

We are seeking a Director of Technology - Governance, Risk, and Compliance to de...
Location: United States, San Jose
Salary: 219000.00 - 290000.00 USD / Year
Company: Archer Aviation
Expiration Date: Until further notice
Requirements
  • 8 plus years of experience in Technical Governance, Risk, and Compliance, Risk Management, Audit, or Information Security
  • Minimum of 3 years in a director or senior manager role leading a GRC function or compliance program
  • Expert-level understanding of NIST CSF, SP 800-171, and CMMC Level 2 frameworks
  • Hands-on experience managing NIST CSF, 800-171 compliance programs or leading CMMC Level 2 assessments and certification initiatives
  • Strong knowledge of SOX Section 404 requirements, particularly IT General Controls (ITGC)
  • Deep understanding of ITAR and EAR export control regulations
  • Proficiency in risk management methodologies
  • Experience designing and operating control frameworks (ISO 27001, NIST CSF, SOC 2 Type II)
  • Strong communication skills to present complex compliance and risk concepts
  • Demonstrated ability to lead and mentor teams, manage budgets, and drive cross-functional initiatives
Job Responsibility
  • Develop and execute a comprehensive Cyber-focused Governance, Risk, and Compliance (GRC) strategy
  • Lead the design and implementation of System Security Plans (SSPs) and Plans of Action and Milestones (POA&Ms)
  • Establish and manage an enterprise-wide risk management program
  • Design and enforce a control framework
  • Conduct or coordinate regular compliance assessments and internal audits
  • Manage relationships with external auditors, assessors, and regulators
  • Develop and maintain comprehensive compliance documentation
  • Lead the design of third-party and vendor risk management processes
  • Drive compliance training and awareness programs across the organization
  • Stay current with emerging regulatory changes
  • Fulltime

Executive Director, Governance, Risk and Compliance

Executive Director, Information Security is a leadership role responsible for th...
Location: United States, Los Angeles
Salary: 270282.00 - 333051.00 USD / Year
Company: Amgen
Expiration Date: Until further notice
Requirements
  • Doctorate degree & 6 years of information security experience
  • Master’s degree & 10 years of information security experience
  • Bachelor’s degree & 12 years of information security experience
  • 6 years of managerial experience directly managing people and/or leadership experience leading teams, projects, programs or directing the allocation of resources
Job Responsibility
  • Set vision and strategy for Amgen’s digital Governance, Risk and Compliance efforts globally
  • Provide oversight and assurance for Amgen’s Information Security program in alignment with ISO 27002:2022
  • Oversee Technology’s Document Management Services (DMS)
  • Work with Quality, Finance and Security leadership to provide oversight and effectively manage GxP, Security and SOX deviations and corrective and preventive actions (CAPAs)
  • Partner with Corporate Audit and the Technology Extended Leadership Team to manage audit responses
  • Oversee Amgen’s Global Records and Information Management operations
  • Work with key stakeholders to improve compliance capabilities (e.g., GxP agile validation and process simplification)
  • Manage and oversee Amgen’s Risk services, including third-party business enablement and Amgen’s digital risk register
  • Deliver timely transparency reports and metrics to key stakeholders and senior business leadership (e.g., Chief Financial Officer, Chief Information Officer, Chief Information Security Officer, Quality leadership, etc.)
  • Maintain outstanding service delivery and collaborate diligently with global functional teams to achieve continuous improvement of governance, risk, and compliance services
What we offer
  • Comprehensive employee benefits package, including a Retirement and Savings Plan with generous company contributions, group medical, dental and vision coverage, life and disability insurance, and flexible spending accounts
  • A discretionary annual bonus program, or for field sales representatives, a sales-based incentive plan
  • Stock-based long-term incentives
  • Award-winning time-off plans and bi-annual company-wide shutdowns
  • Flexible work models, including remote work arrangements, where possible
  • Fulltime

Director of Compliance and Risk (MLRO)

Safeguard the business while accelerating growth. You’ll evolve our compliance a...
Location: United Kingdom, London
Salary: Not provided
Company: Shieldpay
Expiration Date: Until further notice
Requirements
  • Recent experience as a MLRO within the UK FCA regulated sector
  • Proven senior leadership in either Payments, Banking, or Fintech, with specific experience in scaling early-stage B2B2C organisations
  • Comprehensive knowledge of FCA, GDPR, AML, and KYC regulations, and their impact on information security and wider business operations
  • A commercially astute leader who can influence stakeholders at all levels, balancing a hunger for growth with a disciplined approach to risk
  • You thrive in ambiguity and fast-paced scaling environments. You recognise that early-stage processes are iterative and possess the commercial maturity to calibrate regulatory guardrails against aggressive business growth
  • You prioritise functional, scalable solutions over theoretical perfection, ensuring compliance supports rather than hinders organizational momentum
  • You interpret market forces and economic shifts to provide the Senior Leadership team with actionable recommendations, leveraging technology and automation to manage high-volume workloads with precision
Job Responsibility
  • Strategic Governance: Act as the ultimate authority for the Board/ExCo, aligning strategy and appetite with commercial goals and ensuring effective oversight. Lead high-level engagement with the FCA, SRA, and PSR, managing all regulatory filings, permissions, and institutional relationships
  • Risk Strategy: Design and implement a comprehensive risk framework, driving continuous improvement through scenario analysis and predictive trend reporting. Partner across the business to embed risk control assessments that balance technical rigor with commercial agility. Act as a "disruptor" to streamline policies and remove operational friction without compromising regulatory integrity
  • Regulatory Accountability and MLRO Oversight: Serve as MLRO, overseeing all investigations, remedial actions, and responses to potential regulatory or conduct breaches. Evolve AML/KYC frameworks for complex B2B2C models and lead all internal/external audit engagements and banking partner reviews. Drive firm-wide accountability through strategic training and mentorship, shifting compliance from a "blocker" to a business enabler
What we offer
  • flexible working options, such as flexible hours and hybrid work, to support our employees' work-life balance

Director - Governance, Risk and Compliance

We are a fast-growing fintech company seeking a proactive and highly organized G...
Location: United States, New York
Salary: 175000.00 - 200000.00 USD / Year
Company: Clear Street
Expiration Date: Until further notice
Requirements
  • 7+ years of experience in GRC, security compliance, risk management, or related functions
  • Strong understanding of common security frameworks (SOC 2, ISO 27001, NIST CSF, PCI-DSS)
  • Experience managing audits end-to-end
  • Demonstrated ability to build and maintain governance processes and cross-functional compliance programs
  • Excellent documentation, communication, and stakeholder-management skills
  • Experience in technology, fintech, financial services, or other highly regulated industries
Job Responsibility
  • Develop, maintain, and manage the company’s security and compliance policy framework
  • Ensure policies are current, properly communicated, approved, and effectively implemented across the organization
  • Oversee periodic reviews of all internal policies
  • Educate teams on policy requirements and drive adherence
  • Build, implement, and continuously refine the company’s cyber security risk management framework
  • Lead risk identification, assessment, scoring, and periodic re-evaluations
  • Maintain the corporate risk register
  • Manage all internal and external audits including SOC 2, ISO 27001, regulatory exams, and customer due-diligence requests
  • Coordinate and prepare audit evidence
  • Serve as the primary liaison with external auditors, security assessors, and regulatory bodies
What we offer
  • Competitive compensation packages
  • Company equity
  • 401k matching
  • Gender-neutral parental leave
  • Full medical, dental and vision insurance
  • Lunch stipends
  • Fully stocked kitchens
  • Happy hours
  • Fulltime

Director, Risk and Governance, People and Capability

This new position will play a key role in the Strategy and Risk team within the ...
Location: United States of America, Purchase
Salary: 163000.00 - 269000.00 USD / Year
Company: Mastercard
Expiration Date: Until further notice
Requirements
  • Enterprise Risk management experience in a large multinational company with a mature risk function
  • Expertise in developing risk or insights dashboards and producing clear and actionable reports
  • Proven project management skills
  • Data-driven approach to problem solving with strong critical thinking skills
  • Ability to influence at all levels and work collaboratively across multiple groups
  • Demonstrated learning agility and resilience under pressure
  • Ability to take many complicated inputs and distill into simple solutions and compelling narratives
  • Detail-oriented with excellent verbal and written communication skills
Job Responsibility
  • Oversee the People & Capability global risk assessment and planning and monitoring of progress
  • Drive governance and standards around key risk and compliance areas such as incident tracking and reporting, and monitoring of legislative changes and policy updates
  • Ongoing identification and assessment of emerging and evolving risks
  • Develop executive-ready materials for updates on critical projects and programs
  • Establish standard templates for tracking and reporting progress against priorities
  • Provides analytical and strategic insights to support priority initiatives
  • Primary point of contact for the audit team to coordinate internal reviews, escalate findings, and monitor action planning
  • Monitoring third party risk and supporting teams to drive compliance
  • Support the development of risk mindset and risk management capability across the function
What we offer
  • insurance (including medical, prescription drug, dental, vision, disability, life insurance)
  • flexible spending account and health savings account
  • paid leaves (including 16 weeks of new parent leave and up to 20 days of bereavement leave)
  • 80 hours of Paid Sick and Safe Time, 25 days of vacation time and 5 personal days
  • 10 annual paid U.S. observed holidays
  • 401k with a best-in-class company match
  • deferred compensation for eligible roles
  • fitness reimbursement or on-site fitness facilities
  • eligibility for tuition reimbursement
  • Fulltime

Head of Governance, Risk & Compliance

Lead the design and execution of the organization’s GRC strategy, ensuring it al...
Location: Egypt, New Cairo
Salary: Not provided
Company: Ethics HR
Expiration Date: Until further notice
Requirements
  • Bachelor’s or Master’s degree in Business Administration, Risk Management, Cybersecurity, Law, or a related field from a reputable university
  • Minimum of 10 years of experience in governance, risk management, compliance
  • Strong knowledge of GRC frameworks, industry standards, and regulatory requirements (e.g., ISO 27001, NIST, GDPR, SOX, HIPAA)
  • Relevant certifications such as CISM, CRISC, CISA, or similar GRC certifications are highly preferred
  • Proven track record of successful full leadership
  • Excellent command of English
Job Responsibility
  • Lead the design and execution of the organization’s GRC strategy, ensuring it aligns with corporate goals and objectives
  • Develop and implement governance frameworks, risk management processes, and compliance programs that adhere to regulatory requirements and industry standards
  • Oversee the risk management process, including risk identification, assessment, mitigation, and monitoring
  • Ensure compliance with relevant laws, regulations, and internal policies, including data protection, cybersecurity, financial, and operational regulations
  • Establish and maintain a strong risk management and compliance culture throughout the organization
  • Provide leadership and guidance to cross-functional teams to ensure effective implementation of GRC initiatives
  • Lead internal and external audits, managing the process and ensuring timely remediation of identified issues
  • Monitor and report on the organization’s risk posture and compliance status to executive leadership and the board
  • Develop, implement, and maintain policies and procedures to address risks and compliance obligations
  • Provide training and awareness programs to employees on GRC topics, fostering compliance and risk-conscious behavior

Director, Governance Risk Compliance

Gong harnesses the power of AI to transform how revenue teams win. The Gong Reve...
Location: United States, Austin; Chicago; New York City; Salt Lake City; San Francisco
Salary: 191000.00 - 278000.00 USD / Year
Company: Gong
Expiration Date: Until further notice
Requirements
  • 12+ years of compliance experience
  • Building a compliance program in a cloud environment
  • In-depth knowledge of control frameworks
  • Ability to be hands on
  • Familiarity with attack frameworks and mitigation
Job Responsibility
  • Manage Certification program (ISO, PCI, SOC2, HIPAA etc.)
  • Ensure compliance with applicable controls based on a unified control framework
  • Manage customer audits and questionnaires
  • Cloud security
  • Security awareness training
  • Contract reviews
  • Third party risk management
What we offer
  • We offer Gongsters a variety of medical, dental, and vision plans, designed to fit you and your family’s needs
  • Wellbeing Fund - flexible wellness stipend to support a healthy lifestyle
  • Mental Health benefits with covered therapy and coaching
  • 401(k) program to help you invest in your future
  • Education & learning stipend for personal growth and development
  • Flexible vacation time to promote a healthy work-life blend
  • Paid parental leave to support you and your family
  • Company-wide recharge days each quarter
  • Work from home stipend to help you succeed in a remote environment