CrawlJobs Logo
Vanta Logo Vanta · IT - Software Development

GRC AI Subject Matter Expert, Product

United States 163000.00 - 192000.00 USD / Year · Job Posted February 21, 2026
Apply Position
Job Link Share

Job Description

As a GRC AI Subject Matter Expert (AI SME), you’ll help make sure our AI features are accurate, auditable, and aligned with real-world compliance standards. You’ll bridge deep GRC knowledge with hands-on AI evaluation, ensuring that every model output we ship is trustworthy, explainable, and customer-ready.

Job Responsibility

  • Design and test prompts: Work with engineers and PMs to shape AI behavior, define edge cases, and review outputs for accuracy and usefulness
  • Own the ground truth: Build and maintain the “truth layer” — datasets and rating guides that represent correct, real-world GRC answers
  • Evaluate and improve quality: Run side-by-side reviews, define launch-readiness criteria, and measure ongoing quality and drift after release
  • Ensure responsible AI use: Help design AI systems that respect privacy, minimize hallucinations, and produce explainable, auditable results
  • Document and teach: Write clear guides, checklists, and examples others can reuse
  • host short training sessions to raise the bar for AI quality across teams
  • Collaborate widely: Partner with Product, Eng, and GTM teams to connect AI improvements directly to customer trust and business impact

Requirements

  • 5-7+ years of GRC or InfoSec experience across frameworks like SOC 2, ISO 27001, HIPAA, PCI DSS, or NIST
  • 1-3 years applying that expertise to AI-assisted workflows - building evaluation sets, reviewing AI outputs, or helping ship AI features
  • Strong understanding of evidence, controls, and compliance workflows (TPRM, risk, policy, customer trust)
  • Skilled at writing clear instructions and evaluation guides others can follow consistently
  • Comfortable working with structured data (Sheets, logs, exports) and translating GRC artifacts into usable AI context
  • Curious, methodical, and motivated to build systems that make AI both smarter and safer
  • Certifications like CISA, CISSP, CCSK, or CIPM/CIPT are a plus
  • Open to using AI to amplify their skills and strengthen their work - demonstrating curiosity, a willingness to learn, and sound judgment in applying AI responsibly to improve efficiency and impact

Nice to have

Certifications like CISA, CISSP, CCSK, or CIPM/CIPT are a plus

What we offer

  • Offers Equity
  • medical benefits
  • 401(k) plan
  • other company perk programs
  • Comprehensive medical, dental, and vision coverage, with 100% of employee-only benefit premiums covered for most medical plans
  • 16 weeks fully-paid Parental Leave for all new parents
  • Health & wellness stipend
  • Remote workspace, internet, and cellphone stipend
  • Commuter benefits for team members who report to the SF and NYC office
  • Family planning benefits
  • Matching 401(k) contribution with immediate vesting
  • Flexible PTO policy, plus 80 hours of Sick Time
  • 11 company-paid holidays
  • Virtual team building activities, lunch and learns, and other company-wide events
Vanta - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

GRC AI Subject Matter Expert, Product

8 matching positions

Product & Data Protection Counsel

Come join the company that is reinventing cloud security and empowering business...
Location
Location
Israel , Tel Aviv
Salary
Salary:
Not provided
wiz.io Logo
Wiz
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • A minimum of 3 years of experience in an in-house product counsel role
  • Technical understanding of the development and functionality of SaaS products
  • Familiarity with privacy, data protection, and IP laws, as well as practical issues including AI, open source, and export control
  • Experience negotiating and drafting commercial agreements, including SaaS and integration agreements, with a focus on privacy and security terms
  • Excellent ability to communicate legal requirements to a non-legal audience and identify practical solutions
  • Proven ability to collaborate effectively with other teams, including Security, GRC, Product, and R&D
  • Strong operational and organizational skills with experience building and managing processes
  • Strong research and analytical skills
  • Fluency in English is a must
Job Responsibility
Job Responsibility
  • Work as part of the Wiz Product & Data Protection Team, with members based in Israel and the US
  • Act as a key partner and advisor to Wiz’s Product and R&D teams, advising on legal, commercial, regulatory, and data protection aspects throughout the product lifecycle
  • Assess, mitigate, and manage risks related to the product lifecycle and serve as a subject matter expert on product issues
  • Handle reviews of new product features and processing activities from a privacy, data protection, and compliance perspective
  • Review and negotiate product-related vendor and integration agreements
Read More
Arrow Right

Post-Sales GRC Subject Matter Expert

As a Post-Sales Subject Matter Expert, GRC at Vanta, you will be a highly visibl...
Location
Location
United States
Salary
Salary:
163000.00 - 192000.00 USD / Year
vanta.com Logo
Vanta
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Deep understanding of security, privacy, and AI governance frameworks (SOC 2, ISO 27001, ISO 42001, HITRUST, HIPAA, GDPR, NIST AI RMF, etc.) including experience either auditing, or participating in a cybersecurity audit
  • The ability to perform control mapping exercises for net-new frameworks, including policies to controls, risks to controls, etc.
  • Problem-solving skills in a fast-paced environment
  • Passion for leveraging AI and automation to advance GRC and risk management maturity
  • Ability to translate complex compliance requirements into actionable technical guidance for SaaS environments
  • Familiarity with cloud infrastructure, version control systems, risk management, vulnerability management, and their related security processes
  • Experience in building productive relationships and driving collaboration with both technical and non-technical teams
  • Knowledge of the cybersecurity audit process
  • Security compliance management experience within a SaaS environment preferred, but not required
  • Sales Engineering or Technical Support experience preferred, but not required
Job Responsibility
Job Responsibility
  • Partner with the Vanta's Sales and Customer Success teams to represent Vanta’s Trust Management Platform to prospects and customers
  • Facilitate onboarding and implementation of Vanta for new customers
  • Engage with executives and sr. staff at prospect and customer organizations to establish relationships with customer's Security and Compliance points of contact
  • Become an expert on the security features available for customers to deploy within Vanta, including best practices for implementation
  • Use your expert knowledge of compliance frameworks like SOC 2 and ISO 27001 to advise customers regarding questions about scoping, policy creation, detailed control requirements and security best practices
  • Collaborate with Vanta’s EPD (Product) team to improve processes and enable faster and more seamless experiences for our customers
  • Identify requirements that would enable additional customer use cases and drive implementation of customer requirements with relevant stakeholders
  • Provide input and feedback on the development of security and GRC product features for Vanta’s customers
  • Answer questions for internal and external stakeholders about security and compliance
What we offer
What we offer
  • Offers Equity
  • medical benefits
  • 401(k) plan
  • other company perk programs
  • Comprehensive medical, dental, and vision coverage, with 100% of employee-only benefit premiums covered for most medical plans
  • 16 weeks fully-paid Parental Leave for all new parents
  • Health & wellness stipend
  • Remote workspace, internet, and cellphone stipend
  • Commuter benefits for team members who report to the SF and NYC office
  • Family planning benefits
  • Fulltime
Read More
Arrow Right

Lead Security Architect

We are looking for a Lead Security Architect to define and evolve the company’s ...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
instadeep.com Logo
InstaDeep
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years in enterprise and cloud security architecture
  • 5+ years in identity, access, and network trust design
  • 3+ years facilitating threat modeling and secure design reviews
  • Strong experience defining architecture standards and translating principles into practical patterns
  • Experience working across enterprise IT, cloud platforms, infrastructure, and product environments
  • Experience engaging with senior stakeholders across technical and non-technical functions
  • Security architecture at enterprise and cloud scale
  • Zero Trust and IAM architecture
  • Secure integration and trust-boundary design
  • Threat modeling and architecture review governance
Job Responsibility
Job Responsibility
  • Security architecture leadership
  • Define architecture principles and implementation patterns for Zero Trust, identity, authorization, trust boundaries, segmentation, secure integration, and secure access
  • Set the strategic direction for enterprise, cloud, and data security architecture
  • Define target-state architecture for Enterprise IT, Cloud, and Infrastructure, including IAM and identity trust models, reverse proxy and secure access architecture, network and data segmentation, cloud-native control patterns
  • Lead the development of architecture standards for secure integration between IT and product environments
  • Partner closely with Global IT Security Engineering on IAM, endpoint, VPN, reverse proxy, and access-tool integration
  • Define security architecture for AI/ML workflows, cloud-native data platforms, and ML pipelines
  • Establish and maintain AI/ML trust-boundary models
  • Support architecture and product teams on secure AI adoption
  • Shape standards for data governance and access design, ML pipeline trust boundaries, model and data protection patterns, secure use of AI assistants and AI-enabled workflows
  • Fulltime
Read More
Arrow Right

Technical Program Manager, Corporate Engineering

As a Technical Program Manager on the Corporate Engineering team, you’ll lead co...
Location
Location
United States
Salary
Salary:
140000.00 - 165000.00 USD / Year
vanta.com Logo
Vanta
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Proven experience managing complex, cross-functional programs in fast-paced, high-growth environments
  • Strong program management skills with the ability to run multiple initiatives simultaneously
  • Comfort operating in ambiguity and bringing clarity where none exists
  • Experience partnering with technical, security, legal, and business teams
  • Strong written and verbal communication skills, with the ability to tailor messages to diverse audiences
  • Ability to balance innovation with operational rigor and risk management
  • Familiarity with enterprise tooling ecosystems (e.g., Google Workspace, collaboration tools, IAM)
  • Open to using AI to amplify their skills and strengthen their work - demonstrating curiosity, a willingness to learn, and sound judgment in applying AI responsibly to improve efficiency and impact.
Job Responsibility
Job Responsibility
  • Lead internal AI initiatives from concept through execution, including use case discovery, pilot coordination, rollout planning, and adoption tracking
  • Partner with Security, Legal, and GRC to support safe, responsible AI use, including policy alignment, tooling guardrails, and change management
  • Coordinate cross-functional stakeholders to evaluate AI tools and integrations that improve productivity and operational efficiency
  • Bring structure to ambiguous AI initiatives by defining goals, success metrics, timelines, and ownership
  • Support internal education, enablement, and documentation related to tools and best practices
  • Lead strategic Corporate Engineering initiatives beyond AI, including tooling improvements, workflow optimization, and operational programs
  • Partner with cross-functional teams to identify needs, engage subject matter experts, and align solutions with business and operational goals
  • Provide program management rigor across multiple concurrent initiatives, ensuring timely delivery and clear communication
  • Communicate effectively across all levels of the organization, including senior leadership, tailoring messaging to different audiences
  • Lead change management for new tools and initiatives, including rollout planning, training, and adoption support
What we offer
What we offer
  • Offers Equity
  • medical benefits
  • 401(k) plan
  • other company perk programs
  • Comprehensive medical, dental, and vision coverage, with 100% of employee-only benefit premiums covered for most medical plans
  • 16 weeks fully-paid Parental Leave for all new parents
  • Health & wellness stipend
  • Remote workspace, internet, and cellphone stipend
  • Commuter benefits for team members who report to the SF and NYC office
  • Family planning benefits
  • Fulltime
Read More
Arrow Right

Grc Specialist Senior

The GRC Specialist Senior is responsible for conducting security assessments, co...
Location
Location
United States , Coral Gables
Salary
Salary:
Not provided
citynational.com Logo
City National Bank of WV
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5-7 years of of applied work experience in cyber security compliance management, cyber security programs, data engineering, analytics or integration, audits, assessments, risk and remediation
  • Knowledge of AI concepts (LLMs, prompt design, limitations, hallucinations, etc.)
  • Knowledge of information security management, governance, and compliance principles, practices, laws, rules, regulations, and frameworks such as GLBA, FFIEC, and NIST
  • Knowledge of IT systems and processes, network infrastructure, data architecture, and protocols
  • Skill in applying cyber and cloud security frameworks, architecture, design, operations, controls, and service orchestration
  • Proficiency in Microsoft Office products (Word, Excel, PowerPoint)
  • Ability to develop and implement enterprise governance, risk, and compliance strategies and solutions
  • Ability to research and locate information related to internal and external organizations using online and other sources
  • Skill in security project management and planning
  • Ability to maintain confidentiality and handle sensitive information appropriately
Job Responsibility
Job Responsibility
  • Coordinate risk and control self-assessments with IT and cybersecurity subject matter experts and enterprise risk management team
  • Conduct control testing and document results to identify potential gaps in control design and/or control operating effectiveness
  • Collaborate with GRC, engineering, SecOps, IT operations, and BCP teams to define requirements and ensure scalable, secure, and maintainable AI-driven automation solutions
  • Identify opportunities to develop automated solutions using Microsoft Copilot, Power Automate, or another approved automation tool
  • Develop and maintain cybersecurity and IT policies, standards, procedures, program metrics and help develop automated compliance reports and risk metrics for executive leadership, to improve decision-making and reduce operational risk
  • Coordinate work assignments with process owners, control owners, external auditors, and consultants, ensuring issues are documented, monitored, and resolved
  • Advise internal stakeholders on internal control design for ongoing risk mitigation of information systems based on regulatory requirements and best practices
  • Communicate security issues and risks effectively to diverse audiences and ensure compliance with applicable controls based on a unified framework
  • Identify and correct process gaps proactively, recommending improvements to advance the Bank’s information security program maturity in alignment with company goals
  • Guide program leaders on risk remediation efforts, ensuring adequacy of response and timeliness based on risk severity
What we offer
What we offer
  • Medical, dental, and vision plans with employer contributions
  • 401(k) with matching
  • Generous PTO and paid holidays
  • Access to mental health and financial wellness resources
  • Tuition Reimbursement
  • Flex Time
  • Fulltime
Read More
Arrow Right
New

Sales Executive, Surgical

The Sales Executive, Surgical is responsible for driving sales growth for KARL S...
Location
Location
United States , Phoenix
Salary
Salary:
Not provided
karlstorz.com Logo
KARL STORZ
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree or 4–6 years of B2B sales experience
  • Proven track record of exceeding consultative sales targets
  • Strong interpersonal, presentation, and organizational skills
  • ability to manage multiple priorities
  • Ability to understand technical product features and applications
  • Ability to lift up to 35 lbs.
  • Willingness to travel up to 100%
  • Prior KARL STORZ experience is a plus
  • Hired candidate required to live in or close to the Phoenix, AZ area
  • Candidates must reside locally
Job Responsibility
Job Responsibility
  • Conduct consultative sales across hospitals, surgery centers, clinics, and physician offices
  • Achieve or exceed annual sales quotas and expand market share for designated product lines
  • Build and maintain strong relationships with nurses, physicians, sterile processing, supply chain, and other decision-makers
  • Deliver post-sale training and service to ensure customer satisfaction and product reliability
  • Identify and pursue new business opportunities while supporting company promotions
  • Develop and maintain annual sales plans, forecasts, and customer records
  • Provide product demonstrations, resolve customer issues, and report competitive activity
  • Maintain and manage sales samples and support field training of new team members when needed
  • Attend required sales meetings, trainings, and conventions
  • submit timely reports and expenses
What we offer
What we offer
  • Medical / Dental / Vision including a state-of-the-art wellness program and pet insurance, too
  • 3 weeks vacation, 11 holidays plus paid sick time
  • Up to 8 weeks of 100% paid company parental leave
  • includes maternal/ paternal leave, adoption, and fostering of a child
  • 401(k) retirement savings plan providing a match of 60% of the employee's first 6% contribution (up to IRS limits)
  • Section 125 Flexible Spending Accounts
  • Life, STD, LTD & LTC Insurance
  • We prepay your tuition up to $5,250 per year! - Tuition pre-imbursement
  • Fitness reimbursement of up to $200 annually
  • And much more!
  • Fulltime
Read More
Arrow Right
New

Lead Production Engineer

Location
Location
India , Neu-Delhi
Salary
Salary:
Not provided
karlstorz.com Logo
KARL STORZ
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree or equivalent qualification. (B.E./ B. Tech in Mechanical Engineering / Electrical / Electronics Engineering)
  • 8+ years in the production / assembling of Electronic Medical Devices Industry
Job Responsibility
Job Responsibility
  • Project Collaboration with national and international groups, within and outside of Operations
  • Creation, harmonisation, and serial production support of Local production processes, procedural instructions, standard operating procedures (SOPs), work instructions (WIs) and forms for Operations, process flows, PFMEA, and control plans
  • Technical support to the departments on topics related to the production engineer's area of expertise and methodological competencies
  • Design transfer implementation from the Design Development group
  • Definition, participation in the procurement and verification/validation of required systems/machines/software, operating and testing equipment for the implementation of technical tasks in the production engineer's area of expertise
  • Close collaboration with all departments required for the implementation of the assigned projects
  • globally, these include, for example, Development, Purchasing, Production, and Manual Engineering
  • Creation, harmonization, and maintenance of the overarching competency/method matrix for Global Operations or support in this task
  • Maintain accurate, complete engineering and process documentation. Generate technical reports, performance summaries, and improvement proposals
  • Support internal and external audits by providing technical documentation and evidence of process control
What we offer
What we offer
  • Comprehensive health coverage including hospitalization benefits for employees and dependent family members
  • Parental Leave Policies
  • Free and Confidential Counselling Support
  • Insurance coverage including Term/Life Insurance and Accidental Disability/Death Insurance
  • Contribution of 4.81% of Basic salary to Gratuity scheme
  • Option to contribute to National Pension Scheme
Read More
Arrow Right
New

Sales Executive, Urology & Gynecology

Sales Executive, Urology & Gynecology - Alexandria, VA. Pay Range: $104,000 plus...
Location
Location
United States , Alexandria
Salary
Salary:
104000.00 USD / Year
karlstorz.com Logo
KARL STORZ
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree or 2–4 years of B2B sales experience (medical device sales strongly preferred)
  • Working knowledge of surgical workflows and integration of capital and disposable products
  • Ability to translate clinical challenges into customized technology solutions
  • Experience working with hospital systems, ASCs, and outpatient clinics
  • Strong skills in territory planning, forecasting, and pipeline management
  • Excellent communication, presentation, and relationship-building skills
Job Responsibility
Job Responsibility
  • Execute a comprehensive territory sales strategy to meet or exceed annual sales targets for the Urology & Gynecology portfolio
  • Build strong clinical relationships through in‑depth product demonstrations and technical presentations for surgeons, nurses, and administrative stakeholders
  • Develop and manage strategic account plans based on procedural volume, service line growth, and technology needs
  • Provide post‑sale clinical and technical support, including training, troubleshooting, and ongoing product optimization
  • Navigate hospital procurement processes and support value analysis committee discussions
  • Monitor competitive activity and provide actionable market intelligence to internal teams
  • Maintain accurate CRM records and deliver timely reports on pipeline and territory performance
What we offer
What we offer
  • Commission and performance bonus opportunities
  • Expense reimbursement
  • Medical / Dental / Vision including a state-of-the-art wellness program and pet insurance, too
  • 3 weeks vacation, 11 holidays plus paid sick time
  • Up to 8 weeks of 100% paid company parental leave
  • 401(k) retirement savings plan providing a match of 60% of the employee’s first 6% contribution
  • Section 125 Flexible Spending Accounts
  • Life, STD, LTD & LTC Insurance
  • Tuition pre-imbursement up to $5,250 per year
  • Fitness reimbursement of up to $200 annually
  • Fulltime
Read More
Arrow Right