
Global GRC Lead

160000.00 - 210000.00 USD / Year · Job Posted February 18, 2026

Job Description

Monte Carlo is seeking our first Global GRC Manager to lead our compliance efforts in a cloud-first environment. You’ll be instrumental in driving our governance, risk, and compliance initiatives and ensuring we continue to meet our customer, industry, and regulatory requirements. In this role, you will engage with customers, vendors, and internal stakeholders to oversee a wide array of compliance activities and security reviews. Although this is an individual contributor position, you will serve as a lead in your domain, leveraging your expertise to collaborate across the organization and drive critical initiatives.

Job Responsibility

  • Manage and respond to customer security reviews, questionnaires, and audits
  • Serve as the primary liaison for security-related inquiries from prospects, customers, and partners
  • Oversee ongoing compliance initiatives (SOC 2, ISO 27001, 27017, 27018, GDPR, etc.) and maintain the risk register
  • Collaborate with cross-functional teams (Engineering, Sales, Product, HR) on risk management strategies
  • Evaluate third-party vendors, manage due diligence processes, and coordinate remediation actions
  • Develop, refine, and maintain security and compliance policies, procedures, and standards
  • Support and promote security awareness initiatives, including employee training and phishing simulations
  • Lead and coordinate internal and external audits, ensuring continuous improvement in controls

Requirements

  • Deep GRC Expertise: extensive knowledge of common frameworks (SOC 2, ISO 27001, NIST, GDPR, etc.) and experience managing end-to-end audit processes
  • Strong Communication Skills: translate security jargon into business language and effectively manage customer and vendor communications
  • Risk Management Mindset: balance business objectives with security requirements, prioritizing risk mitigation in a way that aligns with company goals
  • Team Player: thrive in cross-functional environments, effectively collaborating with engineering, legal, product, and other teams
  • Adaptability: flourish in a fast-paced environment, pivoting quickly when new threats, requirements, or business needs emerge
  • 5+ years of experience in a GRC or compliance-focused role, ideally in a SaaS or technology company
  • Proven track record of managing third-party risk assessments, vendor security reviews, and compliance audits
  • Expertise in compliance frameworks such as SOC 1/2, ISO 27001 | 27017 | 27018 | 27701 | 42001, and GDPR
  • Relevant certifications (e.g., CISA, CISSP, CRISC, or CISM) are highly desirable
  • Excellent written and verbal communication skills with a strong attention to detail
  • Bachelor’s degree in Information Security, Cybersecurity, or a related field (or equivalent experience)

What we offer

  • Stock Options
  • Healthcare plans
  • 401k Retirement Plan
  • Wellness Stipend
  • Home Office Stipend
  • Cell Phone or WIFI reimbursement
  • Paid Parental Leave
  • Flexible Time Off
  • Generous Travel Policy
  • Offers Equity


Similar Jobs for Global GRC Lead

8 matching positions

Global Privacy GRC Senior Specialist

We are seeking a privacy and digital trust professional to ensure the effective ...
Location: Romania, Bucuresti
Salary: Not provided
Vodafone
Expiration Date: Until further notice
Requirements
  • Results-oriented, proactive, pragmatic, and ethical, with a strong interest in privacy, programme management, and the societal impact of technology
  • Experienced in solving complex problems within large, technology-driven and regulated organisations, creating practical and repeatable solutions
  • An effective communicator with strong presentation and stakeholder engagement skills
  • Comfortable working in a matrix environment, with the ability to navigate ambiguity and competing priorities
  • Resilient and persistent, with the confidence to challenge constructively and deliver difficult messages when required
  • Highly knowledgeable in privacy and data protection laws and regulations
  • Experienced in programme management within complex, multinational organisations
  • Skilled in compliance and risk management frameworks and methodologies
  • Experienced within the technology or telecommunications sector in a global, matrix organisation
Job Responsibility
  • Prepare high-quality materials for key oversight forums, including the Group Risk and Compliance Committee, Group Policy and Compliance Committee, and Group Audit & Risk Committee
  • Oversee the annual second line assurance process for VGSL and other relevant Group entities, including contribution to the annual CEO attestation
  • Monitor and track risk mitigating actions across the business, working with risk owners to ensure privacy controls are understood and operate effectively
  • Produce regular KPI reporting with insightful analysis, including data breach trends and the impact of regulatory developments on the privacy programme
  • Plan, manage, and monitor initiatives that drive the privacy agenda, including the development and delivery of the Privacy & Digital Trust Annual Plan
  • Measure and report functional operational performance to leadership, tracking actions identified to improve outcomes
  • Track and report on internal audit actions owned by the Global Privacy Officer and the Global Privacy & Digital Trust team against agreed timelines
  • Drive operational governance with domain leads and provide clear, consistent reporting to stakeholders
  • Continuously review, simplify, standardise, centralise, and automate privacy and digital trust policies, processes, and tools, in collaboration with the wider Compliance function
  • Monitor external regulatory and industry trends, translating these into impact assessments and change proposals for relevant stakeholders
What we offer
  • Hybrid way of working: 2 days from office per week (8 per month)
  • Medical and dental services
  • Life and hospitalization insurance
  • Dedicated employee phone subscription
  • Take control of your benefits and choose any of the following options: meal tickets / private pension / vacation vouchers / cultural vouchers - within the budget
  • Special discounts for gyms and retailers
  • Annual Company Bonus
  • Ongoing Education
  • You get to work with tried and trusted web-technology
  • 23 days off
  • Fulltime

Director, Security GRC Program Lead

Meta is seeking a highly skilled Security GRC Program Manager to join our Risk O...
Location: United States, Bellevue
Salary: 227000.00 - 287000.00 USD / Year
Meta
Expiration Date: Until further notice
Requirements
  • Significant experience as a leader and contributor in security risk management and compliance, including providing second-line oversight
  • Strong track record of operating effectively and influencing outcomes with Engineering, Product, GRC, and Legal partners
  • Extensive experience with Governance, Risk, and Compliance (GRC) and Legal functions
  • Deep expertise in security, with the ability to holistically understand relevant issues, partners, and products, and go deep on technical details
  • Proven ability to identify critical issues, balance competing priorities, translate technical and regulatory concepts for diverse audiences, and personally drive initiatives to completion
  • In-depth knowledge of complex global regulatory requirements (e.g., GDPR, SEC, PCI-DSS, NYDFS)
  • Demonstrated ability to build strong formal and informal networks with key influencers and decision makers inside and outside the company
  • Experience working in integrated privacy-security environments or familiarity with unified GRC frameworks across multiple risk domains
Job Responsibility
  • Lead and deliver on deeply complex, high-impact projects that shape Meta's risk profile and business trajectory
  • Proactively identify long-term, critical, and ambiguous problems, setting a clear vision and strategy for risk management in alignment with company goals
  • Partner with Central Security teams to analyze, streamline, and consolidate issues and risks from all sources (1LoD, 2LoD, 3LoD, external) into a clear, prioritized list for first-line-of-defense consumption and actioning
  • Integrate security risk management with Meta's Security Prioritization Framework (SPF) and contribute to capability maturity assessments to drive risk-based prioritization across the organization
  • Define and maintain clear interfaces and points of contact with the Security organization and other key partners, ensuring efficient governance and communication
  • Prepare regular updates and compliance documents to ensure Meta meets board and regulatory obligations, adapting processes and strategies to evolving regulatory and business environments
  • Drive cross-org execution, collaborating with Risk, Security, Legal, Product, and Engineering functions to deliver results and maximize impact
  • Champion organizational efforts to build and sustain diversity, culture, recruitment, onboarding, mentoring, and development programs, serving as a role model and mentor for others
  • Integrate learnings and best practices from/to sister 2LoD organizations (e.g., Integrity GRC, Privacy GRC), and partner with Product & Engineering teams on necessary second-line-of-defense tooling within the unified GRC framework
What we offer
  • bonus
  • equity
  • benefits

IT Project Manager - Legal and Compliance

We are seeking an experienced Legal & Compliance IT Project Manager to lead and ...
Location: United Kingdom
Salary: Not provided
TalentHawk
Expiration Date: Until further notice
Requirements
  • Proven track record delivering compliance, privacy, governance, legal technology, or risk management projects from initiation through to successful completion
  • Experience delivering projects such as:
      • Governance, Risk and Compliance (GRC) implementations
      • Privacy and data protection programmes
      • Contract Lifecycle Management (CLM) deployments
      • Compliance and governance transformation initiatives
      • Document, records, or case management implementations
  • Experience working directly with Legal, Compliance, Privacy, Risk, Governance, or Quality functions
  • Strong project delivery experience across complex enterprise environments
  • PMP and/or PRINCE2 Practitioner certification
  • Agile certification such as: PMI-ACP
Job Responsibility
  • Lead the end-to-end delivery of Legal, Compliance, Privacy, Governance, and Risk technology projects
  • Manage system implementations, upgrades, migrations, and business process transformation initiatives
  • Partner closely with senior stakeholders across Legal, Compliance, Risk, Privacy, Quality, and Governance functions to define requirements and ensure successful project outcomes
  • Manage project scope, budgets, timelines, resources, risks, dependencies, and governance activities
  • Coordinate internal teams, external vendors, system integrators, and third-party service providers
  • Ensure solutions meet regulatory, audit, and data integrity requirements
  • Drive project governance, status reporting, stakeholder engagement, and executive communications
  • Support testing, validation, change management, training, deployment, and post-go-live activities
  • Ensure appropriate controls, documentation, and audit readiness throughout the project lifecycle
  • Deliver projects across complex global and multi-regional business environments
  • Fulltime

Cyber Security Operations Manager

We are seeking a Security Operations Manager to lead and strengthen Frasers Grou...
Location: United Kingdom, Mansfield
Salary: Not provided
Sports Direct
Expiration Date: Until further notice
Requirements
  • 2+ years experience in a similar role with technical expertise and leadership experience in a SOC environment
  • Strong knowledge of threat detection and incident response
  • Passionate about protecting enterprise and OT environments in a complex, global organisation
  • Experience with SOAR/automation
  • Strong communication skills and experience building relationships across departments
Job Responsibility
  • Lead and develop the internal SOC team, fostering a proactive, high-performing security operations culture
  • Oversee monitoring and detection across enterprise IT, cloud, and operational technology systems, ensuring alerts and incidents are appropriately managed and escalated
  • Participate in on-call rotations, providing guidance and response expertise during security events
  • Ensure SOC detection tools and capabilities are up-to-date and aligned with evolving threat landscapes
  • Collaborate with vulnerability management, incident response, and GRC teams to integrate risk-informed security operations practices
  • Drive continuous improvement of SOC processes, playbooks, and metrics to enhance operational efficiency and threat visibility
  • Support compliance and regulatory requirements (e.g., PCI DSS), reducing the organisation's overall risk exposure
What we offer
  • Frasers Champion - peer nominated scheme where 8 winners will receive double their pay for a month
  • Retail Reconnect - one to two days in a store or warehouse each financial year
  • Fearless 1200 - reward linked to performance and values
  • Frasers Fit - free gym classes and discounted memberships
  • Retail Trust - free access to 24 hour wellbeing helpline, wellness hub, counselling and financial/legal support
  • Fulltime

Lead Counsel, Commercial

Scale is powering the generative AI wave — from the world-class data fueling fro...
Location: United States, New York
Salary: 227200.00 - 284000.00 USD / Year
Scale
Expiration Date: Until further notice
Requirements
  • J.D. from an accredited law school and admission to the New York State Bar in good standing
  • 5+ years of combined law firm and in-house experience with training in commercial agreements
  • Experience partnering with Sales, guiding negotiation cycles, and closing high-impact revenue deals
  • Experience drafting and negotiating complex enterprise licensing, services, and data processing agreements
  • An ability to communicate clearly and concisely with business and technical audiences and effectively translate legal concepts for non-lawyers
  • A collaborative and low-ego approach to working across the organization, with a 'roll-up-your-sleeves' attitude towards tackling novel legal issues
  • Deep interest in artificial intelligence, machine learning technology, generative AI, and AI applications
Job Responsibility
  • Draft, review, and negotiate master services agreements with Fortune 500 and other companies, working closely with our sales, product, and engineering organizations to close revenue deals
  • Draft, review, and negotiate a wide range of other agreements, including partnership, reseller and vendor agreements as well as data processing agreements
  • Partner closely with our GTM teams to drive deals and the business forward
  • Serve as a trusted legal advisor and business accelerator by providing practical legal counsel to sales, product, engineering, and marketing teams
  • Assess legal risk and advise the business accordingly
  • Design, implement, and iterate on policies and processes to manage legal and business risk on a global scale
What we offer
  • Comprehensive health, dental and vision coverage
  • Retirement benefits
  • Learning and development stipend
  • Generous PTO
  • Equity based compensation
  • Commuter stipend
  • Fulltime

IT Governance, Risk and Controls Manager

We are partnered with a leading global beverage solutions provider who are looki...
Location: United States, Tampa
Salary: 130000.00 - 150000.00 USD / Year
Apollo Solutions
Expiration Date: Until further notice
Requirements
  • 5+ years of relevant experience, including IT SOX within a US-listed environment
  • Strong experience in IT Risk, IT audit, or risk management within a large or global organisation (manufacturing experience is essential)
  • Deep knowledge of SOX compliance, IT general controls (ITGCs), and control frameworks
  • Experience with ERP systems, ideally SAP, and understanding of system control environments
  • Professional certifications such as CPA, CIA, CISA, or CRISC
  • Strong stakeholder management and communication skills
  • Analytical mindset with the ability to assess complex risks and controls
  • Highly organised with strong project and program management capabilities
Job Responsibility
  • Lead comprehensive IT risk assessments across applications, infrastructure, and data environments
  • Develop and maintain risk registers, identifying key threats, impacts, and mitigation strategies
  • Own and enhance SOX compliance processes, including RCM maintenance and control testing
  • Evaluate application controls, interfaces, data transfers, and report accuracy (IPE validation)
  • Monitor and manage third-party risk, developing and implementing risk frameworks
  • Oversee IT disaster recovery planning, testing, and audit readiness
  • Assess cybersecurity posture and evaluate the impact of incidents on controls and reporting
  • Ensure compliance with regulatory frameworks such as SOX and NIST
  • Partner with IT and business stakeholders to remediate risks and strengthen controls
  • Support internal and external audits and deliver GRC training initiatives
  • Fulltime

Manager, Third Party Risk Management

We are seeking an experienced Third-Party Risk Management (TPRM) Manager to own ...
Location: India, Bengaluru
Salary: Not provided
Arrive
Expiration Date: Until further notice
Requirements
  • 12+ years of experience in information security, risk management, GRC, or third-party risk management
  • Proven experience leading or owning a Third-Party Risk Management program in a complex, global organization
  • Strong understanding of ISO 27001, NIS2, SIG, and vendor risk frameworks
  • Proven experience assessing SaaS, cloud, and technology vendors
  • Experience partnering with Legal and Procurement teams
  • Experience maintaining risk registers and executive-level reporting
  • Strong stakeholder communication and presentation skills
  • Experience supporting audits and regulatory compliance activities
Job Responsibility
  • Lead security risk assessments for new and existing third parties (SaaS, cloud, fintech vendors, payment processors)
  • Review and analyze vendor certifications and assurance artifacts (ISO 27001, SOC 1/2, PCI DSS, GDPR documentation)
  • Evaluate third-party control effectiveness and document risk findings
  • Drive remediation tracking and closure with vendors and internal stakeholders
  • Maintain and mature standardized third-party assessment frameworks
  • Translate technical findings into business-aligned risk insights
  • Advise leadership on risk acceptance, mitigation, and compensating controls
  • Maintain a defensible third-party risk register and reporting structure
  • Support procurement decisions through risk scoring and tiering models
  • Partner with Legal and Procurement to embed security requirements in contracts (MSA, DPA, security addendums)
  • Fulltime

SAP RGC Role Designer-VOIS

We are seeking an experienced SAP Security Role Design Specialist to play a crit...
Location: India, Pune
Salary: Not provided
Vodafone
Expiration Date: Until further notice
Requirements
  • An individual with strong experience translating business requirements into effective SAP security role designs
Job Responsibility
  • Analyse SAP security solutions received from system integrators to ensure all user access and security requirements are met
  • Design, build, and test consistent global SAP roles for EVO systems, aligned to SAP best practices
  • Ensure all designed roles are accurately maintained within the EVO SAP Roles Catalogue
  • Govern user access processes in line with Global IT controls, SOX requirements, and compliance policies
  • Act as the RGC representative within the EVO demand process, supporting change requests and enhancements
  • Collaborate with global project managers, system integrators, and process leads to ensure security aspects are delivered within agreed timelines
  • Support testing and go-live activities for SAP role changes and new role implementations
  • Identify opportunities for continuous improvement and drive enhancements in SAP security role design and access management
  • Serve as a point of contact for global teams on SAP security role design, issue resolution, and process optimisation
What we offer
  • Opportunity to work at the centre of Vodafone’s global EVO transformation programme
  • Exposure to large-scale, complex SAP environments with a significant global user base
  • Collaboration with international teams, system integrators, and senior stakeholders
  • A role with real impact on business security, compliance, and operational integrity
  • A supportive environment that values continuous improvement and knowledge sharing
  • Fulltime