GRC AI Subject Matter Expert, Product

United States · 163000.00 - 192000.00 USD / Year · Job Posted February 21, 2026

Job Description

As a GRC AI Subject Matter Expert (AI SME), you’ll help make sure our AI features are accurate, auditable, and aligned with real-world compliance standards. You’ll bridge deep GRC knowledge with hands-on AI evaluation, ensuring that every model output we ship is trustworthy, explainable, and customer-ready.

Job Responsibility

  • Design and test prompts: Work with engineers and PMs to shape AI behavior, define edge cases, and review outputs for accuracy and usefulness
  • Own the ground truth: Build and maintain the “truth layer” — datasets and rating guides that represent correct, real-world GRC answers
  • Evaluate and improve quality: Run side-by-side reviews, define launch-readiness criteria, and measure ongoing quality and drift after release
  • Ensure responsible AI use: Help design AI systems that respect privacy, minimize hallucinations, and produce explainable, auditable results
  • Document and teach: Write clear guides, checklists, and examples others can reuse; host short training sessions to raise the bar for AI quality across teams
  • Collaborate widely: Partner with Product, Eng, and GTM teams to connect AI improvements directly to customer trust and business impact

Requirements

  • 5-7+ years of GRC or InfoSec experience across frameworks like SOC 2, ISO 27001, HIPAA, PCI DSS, or NIST
  • 1-3 years applying that expertise to AI-assisted workflows - building evaluation sets, reviewing AI outputs, or helping ship AI features
  • Strong understanding of evidence, controls, and compliance workflows (TPRM, risk, policy, customer trust)
  • Skilled at writing clear instructions and evaluation guides others can follow consistently
  • Comfortable working with structured data (Sheets, logs, exports) and translating GRC artifacts into usable AI context
  • Curious, methodical, and motivated to build systems that make AI both smarter and safer
  • Open to using AI to amplify their skills and strengthen their work - demonstrating curiosity, a willingness to learn, and sound judgment in applying AI responsibly to improve efficiency and impact

Nice to have

Certifications like CISA, CISSP, CCSK, or CIPM/CIPT are a plus

What we offer

  • Equity
  • Medical benefits
  • 401(k) plan
  • Other company perk programs
  • Comprehensive medical, dental, and vision coverage, with 100% of employee-only benefit premiums covered for most medical plans
  • 16 weeks fully-paid Parental Leave for all new parents
  • Health & wellness stipend
  • Remote workspace, internet, and cellphone stipend
  • Commuter benefits for team members who report to the SF and NYC offices
  • Family planning benefits
  • Matching 401(k) contribution with immediate vesting
  • Flexible PTO policy, plus 80 hours of Sick Time
  • 11 company-paid holidays
  • Virtual team building activities, lunch and learns, and other company-wide events
