GRC Manager

France, Paris · 55000.00 - 64000.00 EUR / Year · Job Posted April 22, 2026

Job Description

We’re looking for a Security Governance Manager to lead Governance, Risk & Compliance across Welcome to the Jungle. You’ll drive our SOC 2 certification, run day-to-day security governance (access reviews, audits, controls, vendor reviews, security questionnaires), and navigate regulatory requirements (GDPR, AI Act, SOC2) to accelerate business growth and meet Enterprise customer needs across our France, UK, and US markets. You’ll work in collaboration with our Security Squad (Platform Engineering, Corporate IT, Legal) and cross-functional teams, with a pragmatic mindset and an AI-first approach to GRC.

Job Responsibility

  • Own and drive our SOC2 certification program: gap analysis, control mapping, evidence collection, remediation coordination, and auditor management
  • Prepare and coach cross-functional teams for audit readiness through mock audits and training sessions
  • Navigate overlapping regulatory requirements and enterprise customer expectations
  • Provide security expertise to Legal and DPO on regulatory topics (GDPR, AI Act, etc.)
  • Lay the groundwork for future certifications (ISO 27001)
  • Conduct and maintain risk assessments following ISO 27005 methodology
  • Own the risk register with quarterly reviews, prioritizing risks by business impact
  • Perform SaaS security reviews during procurement and manage third-party risk assessments for critical vendors
  • Assess security impact of organizational, technical, or product changes
  • Respond to customer security questionnaires and support sales cycles with accurate, timely answers
  • Execute recurring governance activities: monthly control checks, quarterly access reviews (Ploy), periodic internal audits
  • Monitor security dashboards and KPIs with Corporate IT and Platform Engineering teams
  • Coordinate security incident response and lead post-incident reviews
  • Coordinate penetration tests with external providers and track vulnerability remediation with Platform Engineering
  • Track and report on security & compliance metrics to leadership
  • Develop and maintain security policies that improve our security posture while minimizing productivity impact
  • Maintain and enrich the Security Knowledge Base with up-to-date documentation
  • Contribute to Security Committee preparation, facilitate meetings, and drive action items
  • Design and deliver security awareness content: onboarding sessions, ongoing trainings (Elba), and internal communications
  • Partner with Engineering to continuously improve security in the SDLC and products

Requirements

  • 4 to 7 years of experience in GRC, information security, or IT audit, ideally in a startup/scaleup
  • Experience with SOC 2 Type II and other security certifications (ISO 27001, etc.)
  • Knowledge of GDPR and data protection best practices
  • Autonomous, action-oriented, comfortable with AI tools
  • Excellent English
  • French is a strong plus

What we offer

  • Four-day week
  • Professional development plan
  • Sick child leave
  • Mental health benefits
  • Employee Resource Groups (ERG)

Similar Jobs for GRC Manager

8 matching positions

GRC Manager

We’re looking for a Security Governance Manager to lead Governance, Risk & Compl...
Location: France, Paris
Salary: 55000.00 - 64000.00 EUR / Year
Balzac Paris
Expiration Date: Until further notice
Requirements
  • 4 to 7 years of experience in GRC, information security, or IT audit, ideally in a startup/scaleup
  • Experience with SOC 2 Type II and other security certifications (ISO 27001, etc.)
  • Knowledge of GDPR and data protection best practices
  • Autonomous, action-oriented, comfortable with AI tools
  • Excellent English
  • French is a strong plus
Job Responsibility
  • Own and drive our SOC2 certification program: gap analysis, control mapping, evidence collection, remediation coordination, and auditor management
  • Prepare and coach cross-functional teams for audit readiness through mock audits and training sessions
  • Navigate overlapping regulatory requirements and enterprise customer expectations
  • Provide security expertise to Legal and DPO on regulatory topics (GDPR, AI Act, etc.)
  • Lay the groundwork for future certifications (ISO 27001)
  • Conduct and maintain risk assessments following ISO 27005 methodology
  • Own the risk register with quarterly reviews, prioritizing risks by business impact
  • Perform SaaS security reviews during procurement and manage third-party risk assessments for critical vendors
  • Assess security impact of organizational, technical, or product changes
  • Respond to customer security questionnaires and support sales cycles with accurate, timely answers
What we offer
  • Four-day week
  • Professional development plan
  • Sick child leave
  • Mental health prevention solution
  • Employee Resource Groups (ERG)
  • Fulltime

GRC Manager

We are democratizing software creation for 99% of the world. We need a GRC Manag...
Location: Sweden, Stockholm
Salary: Not provided
Lovable
Expiration Date: Until further notice
Requirements
  • A strategic operator who views compliance as a competitive advantage, not a checklist
  • Experience scaling GRC in a technical environment where 'move fast' is the default setting
  • The ability to coordinate complex projects involving 10+ stakeholders across diverse functions
  • A communicator who can translate technical risk to finance and legal risk to engineering
  • Someone who is excited by the challenge of defining compliance for the AI era
  • Pragmatism over bureaucracy
Job Responsibility
  • Own the end-to-end strategy for certifications and technology compliance, ensuring we lead the industry in standards
  • Partner with the Agent and Platform teams to bake compliance directly into our product offering
  • Lead our evolution toward a 'public-ready' company, setting the standard for transparency in AI
  • Build and manage cross-functional workflows that align HR, Finance, Legal, and Engineering under a unified risk framework
  • Eliminate operational friction by automating compliance checks and evidentiary gathering
  • Act as the primary interface between technical reality and regulatory expectations
  • Fulltime

Security GRC Manager

Hex is looking for our first Security GRC Manager to build, scale, and own our s...
Location: United States
Salary: 182000.00 - 295000.00 USD / Year
Hex
Expiration Date: Until further notice
Requirements
  • 5–8+ years in GRC, compliance, security engineering, privacy, audit, or a related field
  • Deep familiarity with frameworks such as SOC 2, ISO 27001, ISO 27701, PCI DSS, HIPAA, GDPR, and associated security controls
  • Experience running or contributing significantly to audit cycles and certification processes
  • Technical literacy in cloud-native environments (AWS preferred), SaaS architectures, and modern security tooling
  • Ability to understand and explain product architecture, data flows, and control implementations to auditors and customers
  • Experience building or maturing GRC programs at a high-growth company
  • Strong project/program management skills
  • Comfort creating order out of ambiguity
  • Exceptional communicator with the ability to translate complex topics into clear, concise, customer-ready language
  • Strong stakeholder management skills
Job Responsibility
  • Own and mature Hex’s security and privacy compliance program across SOC 2, ISO 27001, ISO 27701, HIPAA, GDPR, CCPA, PCI DSS, and other frameworks relevant to our business
  • Ensure continuous audit readiness
  • Track regulatory and industry changes
  • Maintain and develop core security policies, standards, and procedures
  • Own Hex’s risk management lifecycle
  • Build lightweight but effective governance processes
  • Partner with Engineering and Security to ensure technical controls map appropriately to compliance requirements
  • Serve as the primary owner of customer and prospect security questionnaires, risk assessments, and contractual security provisions
  • Manage and improve Hex’s Trust Center / trust portal
  • Collaborate with Sales, Customer Success, and Legal on security-related deal support
What we offer
  • Competitive total rewards package
  • Market-benched salary & equity
  • Comprehensive health benefits
  • Flexible paid time off
  • Fulltime

Quality Manager, GRC

Join a leading global innovator as a Quality Manager, focusing on operational pl...
Location: Singapore, Singapore
Salary: Not provided
NTT DATA
Expiration Date: Until further notice
Requirements
  • Works on issues of diverse scope where analysis of situation or data requires evaluation of a variety of factors
  • Receives objective based assignments and determines resources to meet schedules and goals
  • Follows processes and operational policies in selecting methods and techniques for obtaining solutions often with insufficient information
  • Implementation of solutions often requires a longer-term view taking multiple perspectives into consideration
  • Effectively communicates and presents results and recommendations across discipline, advising diverse stakeholders on complex matters
  • Partners with key contacts outside own area of expertise and other external stakeholders
  • Provides guidance to subordinates within the latitude of established company policies
  • Develops and manages operational plans to deliver tactical results and focus team on medium term goals
  • Mistakes or failure to achieve results will add to costs and may have up to a one-year impact
  • Decisions impact others in the immediate team and influences methods and techniques
Job Responsibility
  • Operational planning
  • Stakeholder communication
  • Problem-solving
  • Drive tactical results
  • Engage with diverse stakeholders
What we offer
  • Workplace embraces diversity and inclusion
  • Place where you can grow, belong and thrive
  • Fulltime

Security GRC Manager

We enable Plaid to quickly build safe and secure products while ensuring that Pl...
Location: United States, New York
Salary: 166800.00 - 282000.00 USD / Year
Plaid
Expiration Date: Until further notice
Requirements
  • Hands on experience operating security GRC programs that map to industry frameworks: SSAE18 (SOC1 and SOC2), ISO 27001, SOX 404 ITGCs, NIST CSF and 800-53
  • Hands on experience translating framework requirements into practical and testable control objectives
  • Hands on experience operating technology risk management programs, and applying quantitative risk analysis techniques (FAIR) and structured qualitative risk modeling
  • Cloud-Native security controls and architecture literacy
  • Direct customer facing security and trust assurance experience, and stakeholder management
  • Direct auditor facing experience through scoping, evidence collection, testing, and remediations
  • Direct experience building and deploying control automations
  • Working knowledge of modern web application architecture, build and release techniques, incident response, AuthN/AuthZ strategies, data encryption, vulnerability management, third-party risk management, and security training
Job Responsibility
  • Own Plaid's Security GRC strategy and roadmap
  • Lead and scale the Security GRC team
  • Run the Compliance and Assurance programs
  • Build internal and external customer and partner trust
  • Accelerate GRC workflows through automation
What we offer
  • medical
  • dental
  • vision
  • 401(k)
  • Fulltime

Security GRC Manager

We enable Plaid to quickly build safe and secure products while ensuring that Pl...
Location: United States, San Francisco
Salary: 166800.00 - 282000.00 USD / Year
Plaid
Expiration Date: Until further notice
Requirements
  • Hands on experience operating security GRC programs that map to industry frameworks: SSAE18 (SOC1 and SOC2), ISO 27001, SOX 404 ITGCs, NIST CSF and 800-53
  • Hands on experience translating framework requirements into practical and testable control objectives
  • Hands on experience operating technology risk management programs, and applying quantitative risk analysis techniques (FAIR) and structured qualitative risk modeling
  • Cloud-Native security controls and architecture literacy
  • Direct customer facing security and trust assurance experience, and stakeholder management
  • Direct auditor facing experience through scoping, evidence collection, testing, and remediations
  • Direct experience building and deploying control automations
  • Working knowledge of modern web application architecture, build and release techniques, incident response, AuthN/AuthZ strategies, data encryption, vulnerability management, third-party risk management, and security training
Job Responsibility
  • Own Plaid's Security GRC strategy and roadmap
  • Lead and scale the Security GRC team
  • Run the Compliance and Assurance programs
  • Build internal and external customer and partner trust
  • Accelerate GRC workflows through automation
What we offer
  • medical
  • dental
  • vision
  • 401(k)
  • equity
  • commission
  • Fulltime

Project Manager within GRC

As a Project Manager within our GRC product area, you lead the implementation of...
Location: Sweden, Göteborg; Stockholm
Salary: Not provided
Stratsys
Expiration Date: Until further notice
Requirements
  • Experience working broadly within GRC-related areas (e.g. risk, information security, compliance), with hands-on experience translating requirements into processes, systems, or implementation projects in a business context
  • Bachelor’s or master’s degree in a relevant field
  • Understanding of relevant regulatory frameworks such as NIS2, DORA, or similar
  • Experience from the private sector and working with different stakeholders
  • Experience of driving work forward, structuring initiatives, or leading projects
  • Interest in systems and how digital tools support business processes
Job Responsibility
  • Leading implementation and onboarding of Stratsys’ platform and GRC products which means hands-on configuring solutions in the system
  • Translating customer needs into structured and scalable solutions in the system
  • Guiding customers in how to apply the platform to their GRC processes
  • Acting as an advisor in customer dialogues with a focus on how to apply best practices within the platform and its GRC functionalities
  • Supporting more complex customer engagements and contributing to business and offering development
What we offer
  • An engaging work environment with colleagues who share a common goal: delivering a world-class platform within important and impactful areas
  • Work with complex and business-critical topics such as risk, information security, and compliance
  • Be part of shaping how we deliver and scale GRC at Stratsys
  • Challenging, varied, and engaging tasks, with both the freedom and encouragement to work independently and think innovatively
  • Join a high-energy, close-knit team where successes are shared and celebrated together
  • Work from modern and centrally located offices at A House Ark in Stockholm or Kungsportplatsen in Gothenburg
  • Join a company with great benefits
  • Fulltime

Lead GRC Program Manager

Location: United States, Austin
Salary: Not provided
Bumble Inc.
Expiration Date: Until further notice
Requirements
  • Have you personally built a GRC or compliance program from the ground up in a product or technology company rather than supporting or inheriting an existing program?
  • Have you replaced a recurring manual compliance or audit control with an automated, system-driven control?
  • Have you owned external audits end to end, including control design, evidence strategy, auditor interaction, and remediation decisions?
  • Have you worked through a customer payment or sensitive data flow to determine PCI scope, storage locations, and compliance boundaries?
  • Are you comfortable owning compliance and risk decisions in a fast-moving product environment without relying on a fully implemented GRC platform or large compliance team?
  • Do you live in/within commutable distance to Austin?