CrawlJobs Logo

Director of Security, GRC

United States, Menlo Park 255000.00 - 300000.00 USD / Year · Job Posted February 14, 2026
Apply Position
Job Link Share

Job Description

Join us in building the future of finance. Our mission is to democratize finance for all. The Security and Corporate Engineering team at Robinhood safeguards the trust of our customers and the integrity of our platform by proactively managing risks and protecting company and user data. Our mission is to ensure secure growth by embedding security and resilience into the fabric of our technology, culture, and business operations! As Director of Security, GRC, you’ll be a strategic and operational leader guiding enterprise-wide security risk management, policy governance, regulatory compliance, and business continuity planning. You'll collaborate with senior leadership, cross-functional partners, and regulatory bodies to maintain a robust and compliant security posture across Robinhood.

Job Responsibility

  • Lead the development, automation, and execution of our enterprise security risk management framework, driving mitigation strategies and board-level risk reporting
  • Direct policy development and exception management processes, ensuring effective governance of security standards and exceptions
  • Oversee enterprise business continuity and disaster recovery programs, including execution of simulation exercises and continuous refinement
  • Manage strategic compliance initiatives, coordinating with legal, compliance, and operational teams to meet regulatory requirements and prepare for audits
  • Serve as the primary liaison for security-related board reporting, quantitative risk management, and regulatory engagements, shaping the external and internal narrative on risk

Requirements

  • Proven senior security leader with over 10 years of experience, specializing in scaling through technology, the management of risk, compliance, and business continuity programs
  • 5+ years of experience working with or within US and international financial regulatory environments
  • Proven track record building and scaling GRC programs in highly regulated, fast-paced industries, focused on automation first tooling
  • Strong verbal and written communication and executive presence, with experience preparing and presenting board-level security updates
  • Professional certifications such as CISSP, CISM, CRISC, or equivalent
  • Familiarity with GRC and program management tools (e.g., Jira, Archer, or ServiceNow)
  • Experience with NIST CSF, 800-53 R5, federal and international security assessments.

What we offer

  • Performance driven compensation with multipliers for outsized impact, bonus programs, equity ownership, and 401(k) matching
  • 100% paid health insurance for employees with 90% coverage for dependents
  • Lifestyle wallet – a highly flexible benefits spending account for wellness, learning, and more
  • Employer-paid life & disability insurance, fertility benefits, and mental health benefits
  • Time off to recharge including company holidays, paid time off, sick time, parental leave, and more
  • Exceptional office experience with catered meals, events, and comfortable workspaces

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Director of Security, GRC

8 matching positions

Director, Security GRC Program Lead

Meta is seeking a highly skilled Security GRC Program Manager to join our Risk O...
Location
Location
United States , Bellevue
Salary
Salary:
227000.00 - 287000.00 USD / Year
meta.com Logo
Meta
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Significant experience as a leader and contributor in security risk management and compliance, including providing second-line oversight
  • Strong track record of operating effectively and influencing outcomes with Engineering, Product, GRC, and Legal partners
  • Extensive experience with Governance, Risk, and Compliance (GRC) and Legal functions
  • Deep expertise in security, with the ability to holistically understand relevant issues, partners, and products, and go deep on technical details
  • Proven ability to identify critical issues, balance competing priorities, translate technical and regulatory concepts for diverse audiences, and personally drive initiatives to completion
  • In-depth knowledge of complex global regulatory requirements (e.g., GDPR, SEC, PCI-DSS, NYDFS)
  • Demonstrated ability to build strong formal and informal networks with key influencers and decision makers inside and outside the company
  • Experience working in integrated privacy-security environments or familiarity with unified GRC frameworks across multiple risk domains
Job Responsibility
Job Responsibility
  • Lead and deliver on deeply complex, high-impact projects that shape Meta's risk profile and business trajectory
  • Proactively identify long-term, critical, and ambiguous problems, setting a clear vision and strategy for risk management in alignment with company goals
  • Partner with Central Security teams to analyze, streamline, and consolidate issues and risks from all sources (1LoD, 2LoD, 3LoD, external) into a clear, prioritized list for first-line-of-defense consumption and actioning
  • Integrate security risk management with Meta's Security Prioritization Framework (SPF) and contribute to capability maturity assessments to drive risk-based prioritization across the organization
  • Define and maintain clear interfaces and points of contact with the Security organization and other key partners, ensuring efficient governance and communication
  • Prepare regular updates and compliance documents to ensure Meta meets board and regulatory obligations, adapting processes and strategies to evolving regulatory and business environments
  • Drive cross-org execution, collaborating with Risk, Security, Legal, Product, and Engineering functions to deliver results and maximize impact
  • Champion organizational efforts to build and sustain diversity, culture, recruitment, onboarding, mentoring, and development programs, serving as a role model and mentor for others
  • Integrate learnings and best practices from/to sister 2LoD organizations (e.g., Integrity GRC, Privacy GRC), and partner with Product & Engineering teams on necessary second-line-of-defense tooling within the unified GRC framework
What we offer
What we offer
  • bonus
  • equity
  • benefits
Read More
Arrow Right

Director of It

Director of IT / IT Director / Information Technology Director / Director of IT ...
Location
Location
United States , Des Moines
Salary
Salary:
200000.00 USD / Year
https://www.roberthalf.com Logo
Robert Half
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Hands on current, server & networking IT skills
  • Current Technical demonstrated experience in a modern tech stack
  • IT Budget
  • IT Hiring and direct reports
  • Tech Strategic Planning + Day to Day in the weeds
  • Technical Roadmap experience
  • CyberSecurity Roadmap and expertise
  • Azure / Cloud migration + M365 – can lead a Cloud migration
  • Infrastructure – Server + Networking
  • GRC – Governance, Risk & Compliance
Job Responsibility
Job Responsibility
  • Player / Coach type of a role where you must have modern tech stack expertise
  • Straddle both technical AND Leadership
  • Be on the Front Lines working to improve technology for the business
  • Drive Solutions for the business
  • Work with the business and leading the Front lines of operations
  • Strategic AND Technical Lead role in a small IT shop
  • Drive Change
What we offer
What we offer
  • 20% Bonus depending on years of experience
  • Referral Bonuses Paid
  • Benefits available to contract/temporary professionals, including medical, vision, dental, and life and disability insurance
  • Hired contract/temporary professionals are also eligible to enroll in our company 401(k) plan
  • Fulltime
Read More
Arrow Right

Director of Technology - Governance, Risk, and Compliance

We are seeking a Director of Technology - Governance, Risk, and Compliance to de...
Location
Location
United States , San Jose
Salary
Salary:
219000.00 - 290000.00 USD / Year
archer.com Logo
Archer Aviation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 8 plus years of experience in Technical Governance, Risk, and Compliance, Risk Management, Audit, or Information Security
  • Minimum of 3 years in a director or senior manager role leading a GRC function or compliance program
  • Expert-level understanding of NIST CSF, SP 800-171, and CMMC Level 2 frameworks
  • Hands-on experience managing NIST CSF, 800-171 compliance programs or leading CMMC Level 2 assessments and certification initiatives
  • Strong knowledge of SOX Section 404 requirements, particularly IT General Controls (ITGC)
  • Deep understanding of ITAR and EAR export control regulations
  • Proficiency in risk management methodologies
  • Experience designing and operating control frameworks (ISO 27001, NIST CSF, SOC 2 Type II)
  • Strong communication skills to present complex compliance and risk concepts
  • Demonstrated ability to lead and mentor teams, manage budgets, and drive cross-functional initiatives
Job Responsibility
Job Responsibility
  • Develop and execute a comprehensive Cyber-focused Governance, Risk, and Compliance (GRC) strategy
  • Lead the design and implementation of System Security Plans (SSPs) and Plans of Action and Milestones (POA&Ms)
  • Establish and manage an enterprise-wide risk management program
  • Design and enforce a control framework
  • Conduct or coordinate regular compliance assessments and internal audits
  • Manage relationships with external auditors, assessors, and regulators
  • Develop and maintain comprehensive compliance documentation
  • Lead the design of third-party and vendor risk management processes
  • Drive compliance training and awareness programs across the organization
  • Stay current with emerging regulatory changes
  • Fulltime
Read More
Arrow Right

Director of Governance, Risk, Compliance and Trust

Everlaw is seeking a pragmatic and execution-oriented Director of GRCT to lead o...
Location
Location
United States , Oakland
Salary
Salary:
230000.00 - 312000.00 USD / Year
everlaw.com Logo
Everlaw
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ years of experience in Information Security, Risk, or Compliance
  • Senior ownership of FedRAMP Moderate/High programs from authorization through steady-state operations
  • Hands-on experience implementing modern GRC automation platforms
  • Experience driving a shift from manual compliance processes toward Continuous Control Monitoring
  • Strong risk judgment, evaluating control gaps, exception requests, and architectural trade-offs pragmatically
  • Technical literacy to lead Security Impact Analyses (SIA) and embed compliance into DevOps and CI/CD workflows
  • Experience supporting customer assurance and GTM efforts—from complex security questionnaires to executive-level conversations
  • Operational and people leadership skills, skilled at establishing operating rhythms, defining meaningful program metrics, driving predictable execution, and coaching high-ownership teams
  • Clear and credible communicator, able to distill complex technical and regulatory topics
  • Bachelor’s degree in Information Security, Computer Science, Engineering, Information Systems, or a related field (or equivalent practical experience)
Job Responsibility
Job Responsibility
  • Public Sector Compliance Ownership: Own Everlaw’s public sector compliance posture, including FedRAMP and GovRAMP authorization and ongoing maintenance
  • Regulatory & Contractual Requirements: Ensure compliance with specialized regulatory and contractual requirements (e.g., CJIS, FTI)
  • Global & Industry Certifications: Accountable for global and industry certifications, including SOC 2, ISO 27001/27017/27018, UK CE+, GDPR, and HIPAA
  • Audit Readiness & Execution: Ensure sustained audit readiness through clear control ownership, effective evidence management, and scalable compliance processes
  • Strategic Certifications & Market Access: Own the go/no-go framework for pursuing new certifications or regulatory authorizations (e.g., ISO 42001)
  • Regulatory Awareness: Continuously monitor emerging regulatory and industry requirements and advise leadership on impact, readiness, and timing
  • Security Risk Identification & Management: Oversee the identification, assessment, and tracking of information security risks
  • Security Impact Analysis (SIA): Partner with Security Engineering to lead the SIA process for major system, infrastructure, and product changes
  • Third-Party Security Risk: Oversee the vendor security risk lifecycle, from onboarding through ongoing monitoring and renewal
  • Pragmatic Governance & Decision Support: Maintain security policies, standards, and exception processes
What we offer
What we offer
  • Equity program
  • 401(k) retirement plan with company matching
  • Health, dental, and vision
  • Flexible Spending Accounts for health and dependent care expenses
  • Paid parental leave and approximately 10 days (80 hours) per year of sick leave
  • Seventeen paid vacation days plus 11 federal holidays
  • Membership to Modern Health to help employees prioritize mental health and wellness
  • Annual allocation for Learning & Development opportunities and applicable professional membership dues
  • Company-sponsored life and disability insurance
  • Work in Uptown Oakland, just steps from the BART line and dozens of restaurants and walking distance to Lake Merritt
  • Fulltime
Read More
Arrow Right

Director of Governance and Risk Compliance

Scale is seeking a highly experienced and motivated Director of Governance, Risk...
Location
Location
United States , San Francisco
Salary
Salary:
302400.00 - 378000.00 USD / Year
scale.com Logo
Scale
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ years of progressive experience in GRC, compliance, or related legal/regulatory roles, with demonstrated success building or scaling compliance programs
  • Demonstrated success in building and leading high-quality compliance programs and teams
  • Experience designing and operating an Enterprise Risk Management program
  • Deep knowledge of applicable regulatory frameworks, including SOC 2, ISO 27001, FedRAMP, GDPR, and CPRA
  • Experience with U.S. Government contract compliance requirements (FAR, DFARS, NIST 800-171, CMMC)
  • Excellent communicator with the ability to break down complex requirements into easy-to-understand and practical systems
  • Thrive in fast-paced, high-growth environments with ambiguity and competing priorities
  • Love collaborating with talented professionals across many disciplines—product, design, security, engineering, marketing, and more
Job Responsibility
Job Responsibility
  • Lead the GRC function at Scale, including compliance governance, compliance advisory, risk management, and regulatory compliance
  • Manage and develop a team of compliance professionals spanning governance, assurance, and GRC engineering to build scalable systems and processes
  • Own and mature Scale's Enterprise Risk Management (ERM) program, including risk identification, assessment, mitigation, and reporting
  • Partner with Legal, Security, Product, Engineering, and Operations, among other teams, to help guide Scale's growth in a highly scrutinized space
  • Own or contribute to Scale's AI governance strategy, including monitoring and operationalizing emerging AI regulations (EU AI Act, NIST AI RMF, state AI laws)
  • Help set and drive vision for how GRC can not only help protect Scale, but serve as a differentiator and competitive advantage
  • Represent the team with internal and external stakeholders (partners, regulators, etc.)
  • Take a strategic, long-term view of compliance while still being willing to get into the weeds on specific compliance issues
What we offer
What we offer
  • Comprehensive health, dental and vision coverage
  • retirement benefits
  • a learning and development stipend
  • generous PTO
  • equity based compensation
  • additional benefits such as a commuter stipend
  • Fulltime
Read More
Arrow Right

Director, GRC

Founded in 2018 with co-headquarters in Dublin and Boston, Tines powers some of ...
Location
Location
United States
Salary
Salary:
250000.00 - 265000.00 USD / Year
tines.com Logo
Tines
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 12+ years of progressive experience in GRC, information security, or risk management
  • At least 5 years in a leadership role
  • Proven track record leading FedRAMP authorization efforts from planning through ATO
  • Deep expertise in multiple compliance frameworks: SOC 2, ISO 27001, FedRAMP, NIST 800-53
  • Experience building and scaling GRC teams and programs in high-growth SaaS or technology companies
  • Strong executive presence with ability to influence C-suite and Board-level stakeholders
  • Demonstrated success managing complex, multi-workstream compliance programs with competing priorities
  • Exceptional communication skills with the ability to translate technical compliance requirements into business value
  • Strategic mindset with hands-on execution capability
  • Experience partnering with Sales, Engineering, Product, and Legal teams to operationalize compliance
Job Responsibility
Job Responsibility
  • Define and execute Tines' multi-year GRC strategy aligned with business objectives
  • Own the compliance roadmap, prioritizing certifications and frameworks based on customer needs and revenue impact
  • Serve as executive sponsor for all compliance programs, providing visibility and reporting to C-suite and Board of Directors
  • Build business cases for compliance investments, demonstrating ROI and competitive advantage
  • Monitor evolving compliance landscape, anticipating regulatory changes
  • Lead, mentor, and grow a team of GRC professionals
  • Scale the team strategically as Tines grows
  • Foster cross-functional collaboration with Engineering, Product, Sales, Legal, IT, Security, and HR teams
  • Drive Tines' FedRAMP authorization to successful completion
  • Establish ongoing FedRAMP continuous monitoring and reauthorization processes
What we offer
What we offer
  • Competitive salary
  • Startup equity & extended exercise window
  • Matching retirement plans
  • Home office setup
  • Private healthcare plans
  • 25 days annual leave
  • Extra company holidays
  • Generous parental leave programs
  • Flexibility in how and where you work
  • Phone and home Internet allowance
  • Fulltime
Read More
Arrow Right

Director, Product Security

The Director of Product Security is a critical leadership role responsible for t...
Location
Location
United States , Buffalo
Salary
Salary:
178000.00 - 220000.00 USD / Year
acvauctions.com Logo
ACV Auctions
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ years experience in Information Security
  • 5+ years directly focused on Product Security or Application Security in a leadership role
  • Proven experience building and leading a centralized Product Security/AppSec program within a technology-driven, cloud-based SaaS company
  • Deep, hands-on knowledge of the Secure Software Development Lifecycle (SSDLC), CI/CD, and DevSecOps principles, including automating security tooling
  • Strong understanding of security frameworks and best practices (NIST CSF, ISO 27001, CIS Controls)
  • Extensive experience with cloud security, with a strong focus on securing applications deployed in AWS and/or GCP environments
  • Experience with modern software development including Agentic and Generative AI techniques
  • Expertise with multiple application security tools, including SAST, DAST, MAST, SCA, API security platforms, and Web Application Firewalls (WAF)
  • Excellent communication, interpersonal, and leadership skills, with an ability to translate complex technical risks into business context
  • Ability to work effectively in a remote environment and manage geographically dispersed teams
Job Responsibility
Job Responsibility
  • Design, implement, and manage the end-to-end Product Security program
  • Lead the adoption of DevSecOps practices, automating security tools and gates within the CI/CD pipelines
  • Establish and enforce Secure Software Development Lifecycle (SSDLC) requirements
  • Build, mentor, and manage a team of Product Security Engineers
  • Proactively identify and establish security guardrails for AI/ML model development and usage
  • Oversee the deployment, tuning, and management of application security testing tools (SAST, DAST, SCA)
  • Lead vulnerability remediation efforts for all ACV products
  • Perform and oversee deep-dive security architecture and design reviews for all new products, features, and core application services
  • Define and manage secure configuration standards for containerized applications, microservices, APIs, and their supporting cloud infrastructure (AWS and GCP)
  • Manage and coordinate external penetration testing and bug bounty programs
What we offer
What we offer
  • Multiple medical plans including a high deductible, low cost health plan
  • Company-sponsored (paid) Short-Term Disability, Long-Term Disability, and Life Insurance
  • Comprehensive optional benefits such as Dental, Vision, Supplemental Life/AD&D, Legal/ID Protection, and Accident and Critical Illness Insurance
  • Generous paid time off options, including uncapped vacation days, paid sick days, 6 paid company holidays, 2 floating holidays, parental leave, bereavement leave, jury duty leave, voting leave
  • Employee Stock Purchase Program with additional opportunities to earn stock in the Company
  • Retirement planning through the Company’s 401(k)
  • Fulltime
Read More
Arrow Right

Global Director, GPC Security Services

The Global Director, Security Services is responsible for leading and executing ...
Location
Location
Poland , Krakow
Salary
Salary:
Not provided
allianceautomotive.co.uk Logo
Alliance Automotive UK LV Ltd
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Leading and executing all security engineering efforts across GPC
  • Overseeing and implementing security requirements across all global IT portfolio items
  • Defining, promoting, and overseeing the adoption of pre-approved security blueprints
  • Ensuring application security through vulnerability reporting and secure coding practices
  • Directing security practices for a global portfolio of over 1,000 applications and 500+ projects per year
  • Owning and managing security technology stack (SAST, DAST, ASPM, etc.)
  • Maintaining and enforcing security controls across the SDLC
  • Developing and presenting executive-level security reports
  • Leading a team structured into three primary functions: Product Security, Engineering & Software Security, and Security Coordination & Champions Management
  • Exercising full budgetary responsibility for project-based security resourcing and tool allocations
Job Responsibility
Job Responsibility
  • Security Architecture and Engineering
  • Product/Application Security Ownership
  • Executive Communication and Risk Visibility
  • Global Team Leadership and Organizational Structure
  • Budget and Resource Ownership
  • Compliance and Standards Enforcement
  • Key Stakeholder and Project Coordination
  • Fulltime
Read More
Arrow Right