GRC Lead

Replit

Location:
United States, Foster City

Contract Type:
Not provided

Salary:
208000.00 - 300000.00 USD / Year

Job Description:

We are looking for a GRC Lead to serve as the Technical Lead for our compliance and risk management ecosystem. You will architect the systems and processes that automate trust, guiding a team of GRC specialists while partnering deeply across the organization.

Job Responsibility:

  • Team Leadership: Act as the technical anchor for the GRC team
  • Program Architecture: Own the technical vision for Replit’s GRC program
  • Thought Leadership: Champion a culture of security and privacy across the company
  • Engineering & Architecture: Partner with Architects and Engineering Leads to 'bake in' compliance requirements
  • Legal & Privacy: Work closely with Legal Counsel to interpret and implement requirements for Privacy and AI regulations
  • Sales & GTM: Enable the Sales team by managing the Customer Trust Center and handling complex security questionnaires
  • Auditor Relationships: Own and cultivate the primary relationship with external auditors
  • Risk Register Owner: Own the Cybersecurity Risk Register
  • Framework Evolution: Manage and evolve our compliance posture across SOC 2, ISO 27001, and prepare for future certifications
  • Pragmatic Governance: Apply judgment to operate in 'gray areas' when appropriate
  • Control Automation: Drive the shift from manual evidence collection to continuous monitoring
  • Third-Party Risk: Architect a scalable framework for assessing third-party vendors and AI model providers

Requirements:

  • 8+ years of experience in GRC or Information Security
  • Leadership Experience: Proven experience mentoring other GRC professionals or leading complex cross-functional projects
  • Technical Fluency: Ability to speak the language of engineering, cloud (GCP/AWS), and security architecture
  • Regulatory Breadth: Deep experience with SOC 2, ISO 27001, PCI, HIPAA, and privacy laws
  • Collaborative Communication: Strong ability to explain risk and tradeoffs to technical (Engineers), legal, and commercial (Sales/Execs) stakeholders
  • Automation Mindset: Experience with GRC automation tools (e.g., Vanta, Drata) and a bias toward reducing manual toil

Nice to have:

Familiarity with FedRAMP, ITAR, or AI regulation is a strong plus

What we offer:
  • Competitive Salary & Equity
  • 401(k) Program with a 4% match
  • Health, Dental, Vision and Life Insurance
  • Short Term and Long Term Disability
  • Paid Parental, Medical, Caregiver Leave
  • Commuter Benefits
  • Monthly Wellness Stipend
  • Autonomous Work Environment
  • In Office Set-Up Reimbursement
  • Flexible Time Off (FTO) + Holidays
  • Quarterly Team Gatherings
  • In Office Amenities

Additional Information:

Job Posted:
February 18, 2026

Employment Type:
Fulltime
Work Type:
Hybrid work

Similar Jobs for GRC Lead

GRC Lead (ITSM)

HPE Operations is our innovative IT services organization. It provides the exper...
Location:
India, Bangalore
Salary:
Not provided
Hewlett Packard Enterprise
Expiration Date:
Until further notice
Requirements:
  • Excellent understanding of, and 8+ years of relevant experience working with/implementing, the ITIL framework: Service Level Management, Incident Management, Problem Management, Change Management, Configuration Management, Continual Service Improvement
  • Knowledge of international standards like ISO20000 / ISO20K
  • At least ITIL 4 Practice Manager certified or above
  • Strong Background of Process Design-IT and Business, Optimization, Audits and documentation
  • Thorough understanding of the IT Metrics and ability to identify/develop KPI which can be effectively used to track IT performance
  • Understanding of Service Design principles
  • Good understanding of IT Applications and Infrastructure domain
  • Ability to Objectively Analyze, Assess, Communicate, and report metrics and Analyze them to draw logical inferences and identify improvements
  • Excellent communications skills – Written, Verbal and Presentation and Process documentation
  • Proficiency in developing process flows using Visio and PowerPoint, and reports using Excel, Word and tools like SNOW
Job Responsibility:
  • Definition, design, implementation of end to end ITSM processes
  • Understand the services, service providers and service metrics (SLAs, KPIs) associated with the various processes from a Service Management point of view
  • Ensure various process standards and designs are created, updated on periodic basis working closely with the respective Process Owners
  • Analyse IT metrics, draw inferences and come up with Service Improvement plans to improve the performance of IT
  • Drive meetings, interactions with the Process and Services teams and to improve the quality of services, quality of metrics data and the quality of reporting
  • Customize the process documents to suit the customer requirements and landscape
  • Develop/enhance an audit framework that supports auditing of the core ITSM processes to fix gaps and improve maturity
  • Participate in audits, Services reviews and provide inputs on improving effectiveness of ITSM process
  • Develop SOPs, reporting standards and reporting templates as needed from time to time
  • Work as backup if any support is needed for Incident, Problem, Change, Service Level Management Process
What we offer:
  • Health & Wellbeing
  • Personal & Professional Development
  • Unconditional Inclusion
  • Fulltime


Cyber Manager's Control Assessment (MCA) Lead Analyst

This role will report to the Cybersecurity MCA Group Manager, responsible for pr...
Location:
Hungary, Budapest
Salary:
Not provided
Citi
Expiration Date:
Until further notice
Requirements:
  • Have at least 8+ years of relevant experience
  • Experience in Manager’s Control Assessment (MCA), Operational Risk, Information Security, Cybersecurity, Risk Management, and/or Governance, Risk and Control (GRC)
  • Risk Management, Cybersecurity, and/or Project Management certifications are a plus (e.g. CRISC, CISA, CISM, CISSP, PMP)
  • Proven experience in implementing sustainable solutions and improving processes
  • Bring creative approaches to help us drive value for clients
  • Ability to influence decisions with senior leadership and business partners when confronted with differing opinions on information security risks
  • Proficiency with Microsoft Office, advanced Excel skills (e.g. macros, pivots, complex formulas)
  • Knowledge of data visualization/analytics business applications such as Tableau, QlikView, and Microsoft Power BI
  • Familiarity with Machine Learning and Artificial Intelligence (AI) is a plus
  • Fluent in English (ability to read, write, and speak)
Job Responsibility:
  • Manage the planning, coordination, and execution of MCA Transformation program for CISO
  • Drive MCA best practices, transformation, and execution consistency across business/functions
  • Lead efforts in Global Process MCA Profiles (GPMPs) and Continuous Risk Management (CRM) for CISO
  • Gain expert-level knowledge of MCA Standard, Procedure, and tools to support future-state MCA
  • Support CISO Business Processes, Control Owners, and Global Assessment Unit (GAU) Owners in their responsibilities related to MCA execution
  • Identify and document key controls necessary for mitigation of cybersecurity risk
  • Be a hands-on Subject Matter Expert (SME) with the ability to drive problem solving and root cause analyses, simplify complex messages and summarize key points
  • Partner with CISO’s Enterprise Architecture Methodology (EAM) Lead team by which taxonomies and processes interlink with each other, establishing a multifaceted matrix to inform decision-making and simplification
  • Foster constructive dialogue and facilitate open discussion, sharing of knowledge and experience with customers and stakeholders
  • Actively manage relationships with CISO business partners and risk management teams to achieve sustained success
What we offer:
  • Cafeteria Program
  • Home Office Allowance (for colleagues working in hybrid work models)
  • Paid Parental Leave Program (maternity and paternity leave)
  • Private Medical Care Program and onsite medical rooms at our offices
  • Pension Plan Contribution to voluntary pension fund
  • Group Life Insurance
  • Employee Assistance Program
  • Access to a wide variety of learning and development programs, online course libraries and upskilling platforms, such as Udemy and Degreed
  • Flexible work arrangements to support you in managing work-life balance
  • Career progression opportunities across geographies and business lines
  • Fulltime

Lead Cyber Security Consultant

As a Lead Cyber Security Consultant at Actica Consulting, you will have the oppo...
Location:
United Kingdom, London; Guildford; Bristol; M4 corridor
Salary:
Not provided
Actica Consulting
Expiration Date:
Until further notice
Requirements:
  • Experience of complex ICT systems security in a technical delivery or consulting capacity in the UK Defence sector or Public Sector
  • The ability to present and justify conclusions to project teams and business stakeholders
  • Proven abilities in delivering to client expectations and requirements
  • Strong verbal and written communications skills
  • Must be eligible and willing to obtain UK Government Security Clearance
Job Responsibility:
  • Leading one or more Actica teams to undertake varying consultancy assignments
  • Providing security expertise for major system procurements and Agile programmes to ensure secure delivery
  • Identifying, analysing and evaluating information risks across a range of programmes, projects and systems
  • Explaining to risk owners the causes, likelihood and potential business impacts of information risks
  • Identifying and presenting options for treating or transferring information risks
  • Authoring and/or supporting the development of security assurance documentation
  • Developing or reviewing new security architectures
  • Scoping security testing activities, and explaining the results and required remediation
  • Managing the delivery of security services by Actica teams across several live projects
  • Working with our client-side customers to manage contract delivery
What we offer:
  • 25 days of paid leave per annum plus 8 UK bank holidays
  • Discretionary, Performance-Based Bonus Scheme
  • Enrolment in Stakeholder Pension Scheme
  • Cycle To Work Scheme
  • Employee Assistance Programme
  • Electric Vehicle Leasing Scheme
  • Private Medical Insurance
  • Substantial training leading to nationally recognised certifications
  • Mentor support and guidance
  • Performance and Development Manager for regular reviews and career progression planning
  • Fulltime

Governance, Risk & Compliance Pre-Sales Architect

The Governance, Risk & Compliance (GRC) Pre-Sales Architect will lead the GRC se...
Location:
United States, Plano
Salary:
Not provided
NTT DATA
Expiration Date:
Until further notice
Requirements:
  • 15+ years of progressive experience in Information Technology, Security, Governance, Regulatory, Compliance, and Risk Management
  • Proven experience in a pre-sales, advisory, or consulting role, driving GRC solution sales in the US market
  • Deep knowledge and hands-on experience in: Enterprise Risk Management (ERM) and operational controls; Compliance Management and the regulatory environment; emerging technologies like AI/ML, Data Governance, and Agentic AI/ML Risk; Insider Risk Management and Data Protection
  • Possess one or more major industry certifications, such as CISSP, CISA, or CRISC
  • Bachelor's degree in a relevant technical or business field
Job Responsibility:
  • Lead the GRC Service Portfolio: Act as the technical and strategic lead for the GRC service portfolio within the US region
  • Client Engagement & Representation: Represent the GRC services, value proposition, and technical capabilities to prospective clients, acting as a trusted advisor to C-suite and risk stakeholders
  • Pre-Sales & Solution Design: Drive the pre-sales process by defining, designing, and scoping complex GRC solutions tailored to client needs and regulatory mandates. This includes the implementation of industry-recognized governance frameworks such as NIST, COBIT, COSO, and ISO 27001
  • Technical Expertise: Showcase demonstrable expertise in consulting, designing, and evaluating enterprise risk management, governance frameworks, and operational controls
  • Regulatory & Compliance: Provide strategic counsel to organizations on mitigating risks and designing controls across critical areas like: Cybersecurity and Information Security; Technology, Cloud, and Data Privacy; AI/ML and Model Risk Management; regulatory mandates including HIPAA, PCI-DSS, and Sarbanes-Oxley (SOX 404)
  • Delivery Experience: Leverage hands-on experience in delivering GRC services, leading compliance programs, risk assessments etc. to shape suitable customer solutions
  • Stakeholder Management & Collaboration: Effectively manage and align expectations across customer business and leadership teams in complex stakeholder environments
  • Fulltime

Lead Security GRC Program Manager

At Bumble, we’re building secure, AI-driven systems that empower connection and ...
Location:
United States, Austin
Salary:
145000.00 - 180000.00 USD / Year
Bumble Inc.
Expiration Date:
Until further notice
Requirements:
  • 6+ years of experience in Security GRC, audit, or compliance within a cloud-native or technology-driven environment
  • Proven ownership of PCI, SOX, ITGC, and GDPR compliance programs — from planning through audit closure
  • Demonstrated success driving measurable improvements in audit efficiency, control maturity, or automation adoption
  • Strong working knowledge of cloud architectures, including hands-on experience operating in GCP environments
  • Experience with AWS is a plus
  • Strong grasp of common ITGC control areas, including access management, change management, and incident response
  • Experience integrating GRC tools with engineering systems (e.g., CI/CD pipelines, Jira, Slack, or identity platforms like Okta)
  • Ability to design or refine control automation workflows and collaborate with engineers on technical control implementation
  • Practical understanding of data flow mapping and system-of-record validation to support GDPR evidence and privacy controls
  • Track record of leading multi-stakeholder audits (Finance, Legal, Engineering, Privacy) and aligning diverse teams on deadlines and deliverables
Job Responsibility:
  • Own Bumble’s Core Compliance Programs: Lead end-to-end management of PCI, SOX, ITGC, and GDPR frameworks — from annual audit planning through evidence collection, remediation, and executive reporting
  • Drive Audit Efficiency & Automation: Partner with Security Engineering, Finance IT, and Product teams to automate evidence workflows, control attestations, and testing pipelines via tools such as Drata, Vanta, or ServiceNow GRC
  • Lead SOX & ITGC Program Delivery: Co-own SOX ITGC compliance with Finance IT, directly manage external audit partners, and maintain strong control hygiene across identity, change management, and infrastructure layers
  • Oversee PCI Compliance Operations: Maintain Bumble’s PCI program scope, manage annual assessments, and coordinate with payments and infrastructure teams to ensure ongoing adherence and minimal audit fatigue
  • Steward GDPR Alignment: Partner with Legal, Privacy, and Data Engineering to operationalize GDPR requirements, ensuring data protection principles and privacy-by-design controls are consistently validated
  • Report Risk & Remediation Metrics: Build dashboards and KPI reports that provide visibility into audit readiness, control performance, and remediation progress for executive stakeholders
What we offer:
  • Maven Fertility: $10,000 lifetime benefit opportunity for reproductive journey support
  • Family & compassionate paid leave
  • 26 weeks parental leave for primary caregiver
  • 26 weeks paid leave for secondary caregiver after 1 year of employment
  • Unlimited paid time off
  • Company-wide week off
  • Focus Fridays
  • Fulltime

Senior Staff Analyst, GRC

The role is part of the Security Function within the broader Mozilla Infrastruct...
Location:
United States
Salary:
Not provided
Mozilla
Expiration Date:
Until further notice
Requirements:
  • 10+ years of progressive experience in developing and delivering an integrated GRC framework
  • Strong understanding and deep knowledge of regulatory frameworks, processes and tools related to building a robust GRC framework
  • Experience leading and delivering cross functional requirements for product & enterprise teams to implement controls and measures to meet compliance requirements
  • Relevant industry certifications (CISA, CISSP, CISM, CRISC, etc)
  • Hands-on understanding of using various technologies and tools (SIEM, BI tools)
  • Ability to develop Root Cause Analysis (RCA) and remediation plans to resolve risk deficiencies working with respective stakeholder teams
  • Strong critical thinking skills with the ability to drive long term organizational impact
  • A background that demonstrates a bias for action and the ability to navigate constraints in order to achieve business outcomes
  • Ability to collaborate and influence a diverse group of stakeholders to address cross-functional challenges and lead change
Job Responsibility:
  • Governance: develop and maintain a comprehensive GRC strategy and roadmap aligned with business objectives. Lead the creation and enforcement of standards, policies, controls, audits and reporting across various enterprise and product verticals
  • Risk Management: develop and operationalize a risk assessment and management framework on a periodic basis to enable prioritization and remediation of critical issues. Define and deliver measurable scorecards and metrics to enable data-driven decision making
  • Compliance: ensure compliance with various regulatory standards and frameworks (ISO, NIST, SOC 2, CCPA, GDPR, etc.). Lead internal and external audit activities, including tracking and resolving deficiencies and remediations
  • Partner closely with Legal / IT / Finance / Security to align on the GRC program and deliver a cohesive integrated risk management framework
  • Lead the definition of requirements and reporting (scorecards) for data life cycle management across enterprise and product domains, working with the data platform and legal teams
What we offer:
  • Generous performance-based bonus plans
  • Rich medical, dental, and vision coverage
  • Generous retirement contributions with 100% immediate vesting
  • Quarterly all-company wellness days
  • Country specific holidays plus a day off for your birthday
  • One-time home office stipend
  • Annual professional development budget
  • Quarterly well-being stipend
  • Considerable paid parental leave
  • Employee referral bonus program

Cybersecurity GRC Tool Analyst

Cybersecurity GRC Tool Analyst to analyse the technology requirements of the var...
Location:
Canada
Salary:
97600.00 - 181000.00 CAD / Year
Hewlett Packard Enterprise
Expiration Date:
Until further notice
Requirements:
  • Bachelor's degree in Information Security, Information Technology, Risk Management or a related field, or equivalent experience
  • CISSP, ISO 27001 Lead Implementer, or similar certification
  • GRC platform certifications (e.g., Archer Certified Professional, ServiceNow GRC, Drata Admin, OneTrust Certified)
  • ITIL Foundation (a plus)
  • 5-7 years of experience in Information Security, IT Governance, or Risk Management
  • 5+ years of experience working with GRC platforms (e.g., Archer, ServiceNow GRC, AuditBoard, Drata, OneTrust, or similar)
  • Expert at working with Governance Risk & Compliance platforms
  • Strong understanding of cybersecurity and compliance frameworks (e.g., NIST CSF, ISO 27001)
  • Experience with basic integrations and workflow configurations
  • Strong organizational skills and attention to detail
Job Responsibility:
  • Administer and maintain the GRC platform, including configurations, workflows, and reporting dashboards
  • Support the integration of the GRC tool with key enterprise systems (e.g., asset inventory, ticketing systems, vulnerability management tools)
  • Collaborate with cybersecurity, policy, risk, compliance, and IT teams to capture business requirements and translate them into functional tool capabilities
  • Assist in onboarding and managing control frameworks (e.g., ISO 27001, SOC 2, NIST CSF, FedRAMP) within the platform
  • Monitor data quality, ensure accurate reporting, and maintain platform integrity
  • Support control owners and stakeholders in using the GRC platform for assessments, evidence collection, and tracking remediation activities
  • Maintain user roles and permissions, ensuring proper access management
  • Document processes, workflows, and platform configurations
  • Provide training and guidance to end users on tool functionality and best practices
  • Coordinate with tool vendors for issue resolution, upgrades, and enhancements
What we offer:
  • Health & Wellbeing benefits
  • Personal & Professional Development programs
  • Unconditional Inclusion environment
  • Comprehensive benefits suite supporting physical, financial and emotional wellbeing
  • Fulltime