CrawlJobs Logo

GRC AI Subject Matter Expert, Product

United States 163000.00 - 192000.00 USD / Year · Job Posted February 21, 2026
Apply Position
Job Link Share

Job Description

As a GRC AI Subject Matter Expert (AI SME), you’ll help make sure our AI features are accurate, auditable, and aligned with real-world compliance standards. You’ll bridge deep GRC knowledge with hands-on AI evaluation, ensuring that every model output we ship is trustworthy, explainable, and customer-ready.

Job Responsibility

  • Design and test prompts: Work with engineers and PMs to shape AI behavior, define edge cases, and review outputs for accuracy and usefulness
  • Own the ground truth: Build and maintain the “truth layer” — datasets and rating guides that represent correct, real-world GRC answers
  • Evaluate and improve quality: Run side-by-side reviews, define launch-readiness criteria, and measure ongoing quality and drift after release
  • Ensure responsible AI use: Help design AI systems that respect privacy, minimize hallucinations, and produce explainable, auditable results
  • Document and teach: Write clear guides, checklists, and examples others can reuse
  • host short training sessions to raise the bar for AI quality across teams
  • Collaborate widely: Partner with Product, Eng, and GTM teams to connect AI improvements directly to customer trust and business impact

Requirements

  • 5-7+ years of GRC or InfoSec experience across frameworks like SOC 2, ISO 27001, HIPAA, PCI DSS, or NIST
  • 1-3 years applying that expertise to AI-assisted workflows - building evaluation sets, reviewing AI outputs, or helping ship AI features
  • Strong understanding of evidence, controls, and compliance workflows (TPRM, risk, policy, customer trust)
  • Skilled at writing clear instructions and evaluation guides others can follow consistently
  • Comfortable working with structured data (Sheets, logs, exports) and translating GRC artifacts into usable AI context
  • Curious, methodical, and motivated to build systems that make AI both smarter and safer
  • Certifications like CISA, CISSP, CCSK, or CIPM/CIPT are a plus
  • Open to using AI to amplify their skills and strengthen their work - demonstrating curiosity, a willingness to learn, and sound judgment in applying AI responsibly to improve efficiency and impact

Nice to have

Certifications like CISA, CISSP, CCSK, or CIPM/CIPT are a plus

What we offer

  • Offers Equity
  • medical benefits
  • 401(k) plan
  • other company perk programs
  • Comprehensive medical, dental, and vision coverage, with 100% of employee-only benefit premiums covered for most medical plans
  • 16 weeks fully-paid Parental Leave for all new parents
  • Health & wellness stipend
  • Remote workspace, internet, and cellphone stipend
  • Commuter benefits for team members who report to the SF and NYC office
  • Family planning benefits
  • Matching 401(k) contribution with immediate vesting
  • Flexible PTO policy, plus 80 hours of Sick Time
  • 11 company-paid holidays
  • Virtual team building activities, lunch and learns, and other company-wide events

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

GRC AI Subject Matter Expert, Product

8 matching positions

Post-Sales GRC Subject Matter Expert

As a Post-Sales Subject Matter Expert, GRC at Vanta, you will be a highly visibl...
Location
Location
United States
Salary
Salary:
163000.00 - 192000.00 USD / Year
vanta.com Logo
Vanta
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Deep understanding of security, privacy, and AI governance frameworks (SOC 2, ISO 27001, ISO 42001, HITRUST, HIPAA, GDPR, NIST AI RMF, etc.) including experience either auditing, or participating in a cybersecurity audit
  • The ability to perform control mapping exercises for net-new frameworks, including policies to controls, risks to controls, etc.
  • Problem-solving skills in a fast-paced environment
  • Passion for leveraging AI and automation to advance GRC and risk management maturity
  • Ability to translate complex compliance requirements into actionable technical guidance for SaaS environments
  • Familiarity with cloud infrastructure, version control systems, risk management, vulnerability management, and their related security processes
  • Experience in building productive relationships and driving collaboration with both technical and non-technical teams
  • Knowledge of the cybersecurity audit process
  • Security compliance management experience within a SaaS environment preferred, but not required
  • Sales Engineering or Technical Support experience preferred, but not required
Job Responsibility
Job Responsibility
  • Partner with the Vanta's Sales and Customer Success teams to represent Vanta’s Trust Management Platform to prospects and customers
  • Facilitate onboarding and implementation of Vanta for new customers
  • Engage with executives and sr. staff at prospect and customer organizations to establish relationships with customer's Security and Compliance points of contact
  • Become an expert on the security features available for customers to deploy within Vanta, including best practices for implementation
  • Use your expert knowledge of compliance frameworks like SOC 2 and ISO 27001 to advise customers regarding questions about scoping, policy creation, detailed control requirements and security best practices
  • Collaborate with Vanta’s EPD (Product) team to improve processes and enable faster and more seamless experiences for our customers
  • Identify requirements that would enable additional customer use cases and drive implementation of customer requirements with relevant stakeholders
  • Provide input and feedback on the development of security and GRC product features for Vanta’s customers
  • Answer questions for internal and external stakeholders about security and compliance
What we offer
What we offer
  • Offers Equity
  • medical benefits
  • 401(k) plan
  • other company perk programs
  • Comprehensive medical, dental, and vision coverage, with 100% of employee-only benefit premiums covered for most medical plans
  • 16 weeks fully-paid Parental Leave for all new parents
  • Health & wellness stipend
  • Remote workspace, internet, and cellphone stipend
  • Commuter benefits for team members who report to the SF and NYC office
  • Family planning benefits
  • Fulltime
Read More
Arrow Right

Senior Information Security Engineer

SmartRecruiters is looking for a Senior Information Security Engineer to join th...
Location
Location
Poland
Salary
Salary:
Not provided
smartrecruiters.com Logo
SmartRecruiters
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in information security, governance, risk, and/or compliance roles with a technical orientation
  • Demonstrated compliance or auditing experience with at least one major framework
  • Solid understanding of controls auditing principles and evidence management
  • Knowledge of risk management methodologies and experience conducting or supporting risk assessments
  • Ability to manage and deliver on multiple complex projects simultaneously, with minimal supervision
  • The ability to investigate, question, and interpret internal and external IT security and compliance issues at both a governance and technical level
  • A strong understanding of technology, cloud-based products, and SaaS environments
  • Experience working across business units and geographical boundaries to engage engineering, business, and operational teams
  • Experience with ISO 27001
  • Excellent written and verbal communication skills in English
Job Responsibility
Job Responsibility
  • Identify manual, repetitive GRC processes and design automation blueprints to streamline them, including evidence collection, control monitoring, access reviews, policy enforcement checks, and compliance reporting
  • Build and maintain automated workflows using compliance platforms, scripting, or integration tools to reduce manual effort and improve audit-readiness
  • Develop reusable templates, playbooks, and standardised blueprints for recurring GRC activities (e.g., vendor assessments, internal audits, risk reviews) to ensure consistency and scalability
  • Collaborate with engineering and IT teams to integrate security and compliance checks into existing toolchains and CI/CD pipelines where applicable
  • Continuously evaluate and improve GRC tooling, data flows, and reporting to drive operational efficiency across the team
  • Manage stakeholder expectations and partner with internal teams to ensure effective management of IT risks and compliance obligations
  • Maintain regional and local stakeholder relationships, meeting schedules, minutes, and reports
  • Support the maintenance of the SOC 2 Type II framework, including evidence collection, control testing coordination, and audit support
  • Effectively manage ISO 27001 and ISO 22301 audit lifecycles and coordinate with stakeholders on ISMS and BCMS improvements
  • Support the maintenance and continuous improvement of the ISO 42001 (AI Management System) framework in alignment with the EU AI Act
Read More
Arrow Right

Grc Specialist Senior

The GRC Specialist Senior is responsible for conducting security assessments, co...
Location
Location
United States , Coral Gables
Salary
Salary:
Not provided
citynational.com Logo
City National Bank of WV
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5-7 years of of applied work experience in cyber security compliance management, cyber security programs, data engineering, analytics or integration, audits, assessments, risk and remediation
  • Knowledge of AI concepts (LLMs, prompt design, limitations, hallucinations, etc.)
  • Knowledge of information security management, governance, and compliance principles, practices, laws, rules, regulations, and frameworks such as GLBA, FFIEC, and NIST
  • Knowledge of IT systems and processes, network infrastructure, data architecture, and protocols
  • Skill in applying cyber and cloud security frameworks, architecture, design, operations, controls, and service orchestration
  • Proficiency in Microsoft Office products (Word, Excel, PowerPoint)
  • Ability to develop and implement enterprise governance, risk, and compliance strategies and solutions
  • Ability to research and locate information related to internal and external organizations using online and other sources
  • Skill in security project management and planning
  • Ability to maintain confidentiality and handle sensitive information appropriately
Job Responsibility
Job Responsibility
  • Coordinate risk and control self-assessments with IT and cybersecurity subject matter experts and enterprise risk management team
  • Conduct control testing and document results to identify potential gaps in control design and/or control operating effectiveness
  • Collaborate with GRC, engineering, SecOps, IT operations, and BCP teams to define requirements and ensure scalable, secure, and maintainable AI-driven automation solutions
  • Identify opportunities to develop automated solutions using Microsoft Copilot, Power Automate, or another approved automation tool
  • Develop and maintain cybersecurity and IT policies, standards, procedures, program metrics and help develop automated compliance reports and risk metrics for executive leadership, to improve decision-making and reduce operational risk
  • Coordinate work assignments with process owners, control owners, external auditors, and consultants, ensuring issues are documented, monitored, and resolved
  • Advise internal stakeholders on internal control design for ongoing risk mitigation of information systems based on regulatory requirements and best practices
  • Communicate security issues and risks effectively to diverse audiences and ensure compliance with applicable controls based on a unified framework
  • Identify and correct process gaps proactively, recommending improvements to advance the Bank’s information security program maturity in alignment with company goals
  • Guide program leaders on risk remediation efforts, ensuring adequacy of response and timeliness based on risk severity
What we offer
What we offer
  • Medical, dental, and vision plans with employer contributions
  • 401(k) with matching
  • Generous PTO and paid holidays
  • Access to mental health and financial wellness resources
  • Tuition Reimbursement
  • Flex Time
  • Fulltime
Read More
Arrow Right

Lead Security Architect

We are looking for a Lead Security Architect to define and evolve the company’s ...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
instadeep.com Logo
InstaDeep
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years in enterprise and cloud security architecture
  • 5+ years in identity, access, and network trust design
  • 3+ years facilitating threat modeling and secure design reviews
  • Strong experience defining architecture standards and translating principles into practical patterns
  • Experience working across enterprise IT, cloud platforms, infrastructure, and product environments
  • Experience engaging with senior stakeholders across technical and non-technical functions
  • Security architecture at enterprise and cloud scale
  • Zero Trust and IAM architecture
  • Secure integration and trust-boundary design
  • Threat modeling and architecture review governance
Job Responsibility
Job Responsibility
  • Security architecture leadership
  • Define architecture principles and implementation patterns for Zero Trust, identity, authorization, trust boundaries, segmentation, secure integration, and secure access
  • Set the strategic direction for enterprise, cloud, and data security architecture
  • Define target-state architecture for Enterprise IT, Cloud, and Infrastructure, including IAM and identity trust models, reverse proxy and secure access architecture, network and data segmentation, cloud-native control patterns
  • Lead the development of architecture standards for secure integration between IT and product environments
  • Partner closely with Global IT Security Engineering on IAM, endpoint, VPN, reverse proxy, and access-tool integration
  • Define security architecture for AI/ML workflows, cloud-native data platforms, and ML pipelines
  • Establish and maintain AI/ML trust-boundary models
  • Support architecture and product teams on secure AI adoption
  • Shape standards for data governance and access design, ML pipeline trust boundaries, model and data protection patterns, secure use of AI assistants and AI-enabled workflows
  • Fulltime
Read More
Arrow Right

Technical Program Manager, Corporate Engineering

As a Technical Program Manager on the Corporate Engineering team, you’ll lead co...
Location
Location
United States
Salary
Salary:
140000.00 - 165000.00 USD / Year
vanta.com Logo
Vanta
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Proven experience managing complex, cross-functional programs in fast-paced, high-growth environments
  • Strong program management skills with the ability to run multiple initiatives simultaneously
  • Comfort operating in ambiguity and bringing clarity where none exists
  • Experience partnering with technical, security, legal, and business teams
  • Strong written and verbal communication skills, with the ability to tailor messages to diverse audiences
  • Ability to balance innovation with operational rigor and risk management
  • Familiarity with enterprise tooling ecosystems (e.g., Google Workspace, collaboration tools, IAM)
  • Open to using AI to amplify their skills and strengthen their work - demonstrating curiosity, a willingness to learn, and sound judgment in applying AI responsibly to improve efficiency and impact.
Job Responsibility
Job Responsibility
  • Lead internal AI initiatives from concept through execution, including use case discovery, pilot coordination, rollout planning, and adoption tracking
  • Partner with Security, Legal, and GRC to support safe, responsible AI use, including policy alignment, tooling guardrails, and change management
  • Coordinate cross-functional stakeholders to evaluate AI tools and integrations that improve productivity and operational efficiency
  • Bring structure to ambiguous AI initiatives by defining goals, success metrics, timelines, and ownership
  • Support internal education, enablement, and documentation related to tools and best practices
  • Lead strategic Corporate Engineering initiatives beyond AI, including tooling improvements, workflow optimization, and operational programs
  • Partner with cross-functional teams to identify needs, engage subject matter experts, and align solutions with business and operational goals
  • Provide program management rigor across multiple concurrent initiatives, ensuring timely delivery and clear communication
  • Communicate effectively across all levels of the organization, including senior leadership, tailoring messaging to different audiences
  • Lead change management for new tools and initiatives, including rollout planning, training, and adoption support
What we offer
What we offer
  • Offers Equity
  • medical benefits
  • 401(k) plan
  • other company perk programs
  • Comprehensive medical, dental, and vision coverage, with 100% of employee-only benefit premiums covered for most medical plans
  • 16 weeks fully-paid Parental Leave for all new parents
  • Health & wellness stipend
  • Remote workspace, internet, and cellphone stipend
  • Commuter benefits for team members who report to the SF and NYC office
  • Family planning benefits
  • Fulltime
Read More
Arrow Right
New

Branch Manager

Come and join us as a results driven Branch Manager to deliver sales and exceed ...
Location
Location
United Kingdom , Lymington
Salary
Salary:
Not provided
cityplumbing.co.uk Logo
City Plumbing
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • A great positive attitude
  • Enjoy customer interaction
  • Management Experience
  • Safe Practices
  • Forward Thinking
  • Tenacity and resilience
  • A pro-active approach to sales, with a strong desire and ability to win and grow new business
  • Experience of customer relationship management and developing a true partnership approach
  • Excellent communication skills
  • Self confident and self motivated, with the ability to work on own initiative or as part of a wider team
Job Responsibility
Job Responsibility
  • Effective management of the team and resource
  • Setting the standard of a sales orientated culture
  • Delivering against sales and customer demands while maximising profitability
  • Maximising margin and net profit
  • Keeping everyone safe
  • Build and maintain relationships with new and existing trade and retail customers
  • Ability to interpret and analyse financial and statistical information
What we offer
What we offer
  • Bonus
  • Discounts, savings and cash back at numerous retailers
  • Life assurance
  • Extended family policy including maternity, paternity, additional annual leave and more
  • Mental Health First Aiders and Employee Assistance Programme, we look out for each other
  • Complete induction and a company that lets you grow and encourages development
  • Financial education and loans
  • Flexible working options
  • A business striving to create an environment of inclusion so everyone can be their true self
  • Fulltime
Read More
Arrow Right
New

Guest Environment Expert

Our jobs aren’t just about giving guests a clean room and a freshly made bed. In...
Location
Location
United States , Poughkeepsie
Salary
Salary:
18.00 USD / Hour
https://www.marriott.com Logo
Marriott Bonvoy
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Ensuring a safe work place
  • following company policies and procedures
  • maintaining confidentiality
  • upholding quality standards
  • ensuring professional uniform, personal appearance, and communications
  • ability to stand, sit, or walk for an extended time
  • ability to move, lift, carry, push, pull, and place objects weighing less than or equal to 50 pounds without assistance
Job Responsibility
Job Responsibility
  • Delivering guest requests
  • stocking carts
  • cleaning rooms and public spaces
  • maintaining the appearance and cleanliness of the whole hotel
  • Parttime
Read More
Arrow Right
New

Project Engineer

Our client is seeking a motivated and experienced Project Engineer to join their...
Location
Location
United Kingdom , Dartford
Salary
Salary:
30000.00 GBP / Year
https://www.office-angels.com Logo
Office Angels
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Proven construction based industry experience, (ideally within Smoke Ventilation/Fire Alarm Systems but not essential)
  • Computer literate with strong reporting and organisational skills
  • Excellent interpersonal and communication skills
  • Ability to multitask and manage cross-disciplinary projects
  • Strong time management and decision-making abilities
  • Professional, presentable, and self-motivated
  • Team-oriented with a commitment to exceeding client and colleague expectations
  • Full UK Driving License required, ideally with your own transport
Job Responsibility
Job Responsibility
  • Assist in the development and delivery of Risk and Method Statements
  • Compile detailed project reports covering quality, progress, and issues
  • Measuring up for install jobs and conducting Coordinate on-site deliveries to ensure smooth logistics
  • Support the accounts team with project-related financials and debt collection
  • Monitor project costs and provide financial updates, including profit/loss analysis
  • Communicate effectively with subcontractors and ensure alignment with project goals
  • Manage resources according to the client's program and track project progress
  • Ensure all documentation and certification is accurate, complete, and submitted on time
What we offer
What we offer
  • 23 days annual leave plus bank holidays, rising to 25 days annual leave at 2 years service
  • Company mobile phone
  • uniform and PPE
  • Life Insurance
  • Private Health Care
  • Pension Scheme
  • Fulltime
Read More
Arrow Right