CrawlJobs Logo

Lead GRC Program Manager

United States, Austin · Job Posted February 18, 2026
Apply Position
Job Link Share

Requirements

  • Have you personally built a GRC or compliance program from the ground up in a product or technology company rather than supporting or inheriting an existing program?
  • Have you replaced a recurring manual compliance or audit control with an automated, system-driven control?
  • Have you owned external audits end to end, including control design, evidence strategy, auditor interaction, and remediation decisions?
  • Have you worked through a customer payment or sensitive data flow to determine PCI scope, storage locations, and compliance boundaries?
  • Are you comfortable owning compliance and risk decisions in a fast-moving product environment without relying on a fully implemented GRC platform or large compliance team?
  • Do you live in/within commutable distance to Austin

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Lead GRC Program Manager

8 matching positions

Director, Security GRC Program Lead

Meta is seeking a highly skilled Security GRC Program Manager to join our Risk O...
Location
Location
United States , Bellevue
Salary
Salary:
227000.00 - 287000.00 USD / Year
meta.com Logo
Meta
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Significant experience as a leader and contributor in security risk management and compliance, including providing second-line oversight
  • Strong track record of operating effectively and influencing outcomes with Engineering, Product, GRC, and Legal partners
  • Extensive experience with Governance, Risk, and Compliance (GRC) and Legal functions
  • Deep expertise in security, with the ability to holistically understand relevant issues, partners, and products, and go deep on technical details
  • Proven ability to identify critical issues, balance competing priorities, translate technical and regulatory concepts for diverse audiences, and personally drive initiatives to completion
  • In-depth knowledge of complex global regulatory requirements (e.g., GDPR, SEC, PCI-DSS, NYDFS)
  • Demonstrated ability to build strong formal and informal networks with key influencers and decision makers inside and outside the company
  • Experience working in integrated privacy-security environments or familiarity with unified GRC frameworks across multiple risk domains
Job Responsibility
Job Responsibility
  • Lead and deliver on deeply complex, high-impact projects that shape Meta's risk profile and business trajectory
  • Proactively identify long-term, critical, and ambiguous problems, setting a clear vision and strategy for risk management in alignment with company goals
  • Partner with Central Security teams to analyze, streamline, and consolidate issues and risks from all sources (1LoD, 2LoD, 3LoD, external) into a clear, prioritized list for first-line-of-defense consumption and actioning
  • Integrate security risk management with Meta's Security Prioritization Framework (SPF) and contribute to capability maturity assessments to drive risk-based prioritization across the organization
  • Define and maintain clear interfaces and points of contact with the Security organization and other key partners, ensuring efficient governance and communication
  • Prepare regular updates and compliance documents to ensure Meta meets board and regulatory obligations, adapting processes and strategies to evolving regulatory and business environments
  • Drive cross-org execution, collaborating with Risk, Security, Legal, Product, and Engineering functions to deliver results and maximize impact
  • Champion organizational efforts to build and sustain diversity, culture, recruitment, onboarding, mentoring, and development programs, serving as a role model and mentor for others
  • Integrate learnings and best practices from/to sister 2LoD organizations (e.g., Integrity GRC, Privacy GRC), and partner with Product & Engineering teams on necessary second-line-of-defense tooling within the unified GRC framework
What we offer
What we offer
  • bonus
  • equity
  • benefits
Read More
Arrow Right

Program Manager, Integrity GRC

Meta’s Integrity GRC team is the central force behind integrity risk management ...
Location
Location
United States , New York
Salary
Salary:
153000.00 - 209000.00 USD / Year
meta.com Logo
Meta
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 7+ years in risk management, compliance, or integrity roles within large, complex, or regulated organizations
  • Experience in risk assessment to identify, evaluate, and mitigate compliance and integrity risks
  • Knowledge of global regulatory frameworks relevant to technology, social media, or digital platforms
  • Demonstrated experience working across legal, regulatory, and business teams
  • Demonstrated communication skills, with experience presenting risk management topics to leadership and regulators
  • Demonstrated ability to prepare, edit, and review reports, including regulatory, risk, and compliance documentation
  • Program/project management experience, including prioritizing deliverables and driving cross-functional alignment
  • Track record of process improvement, identifying and addressing gaps in risk management strategy, systems, or processes
Job Responsibility
Job Responsibility
  • Lead Risk Assessment Activities: Proactively identify, assess, and mitigate compliance and integrity risks across Meta’s platforms, including conducting statutory risk assessments
  • Support Regulatory Audit Readiness: Manage audit readiness activities and coordinate responses to regulatory audits and requests for information, ensuring Meta’s compliance posture is well-documented and defensible
  • Draft, Edit, and Review Regulatory Reports: Prepare, edit, and review regulatory and compliance reports, ensuring clarity, accuracy, and alignment with internal standards and external requirements. Maintain submission-ready documentation
  • Monitor and Interpret Regulatory Changes: Maintain an understanding of the evolving global regulatory landscape impacting Meta’s Integrity functions, and translate regulatory changes into actionable project work and risk management deliverables
  • Serve as Integrity GRC Subject Matter Expert: Act as a key connection point between Integrity Risk Management, Legal, Regulatory Offices, and business teams, providing guidance on risk management matters
  • Drive Cross-Functional Collaboration: Build and maintain relationships with global stakeholders across Integrity, Legal, and business teams to ensure alignment and execution of compliance and risk management activities
  • Ensure Regulatory and Policy Adherence: Ensure all activities and documentation adhere to internal standards and regulatory requirements, supporting Meta’s capacity to maintain legal and regulatory compliance
  • Communicate Risk and Compliance Status: Establish streamlined communication models to provide regular updates, status reports, and feedback requests to stakeholders, ensuring transparency and cross-functional alignment
  • Identify and Address Gaps: Identify gaps in strategy, systems, or processes related to risk management, and work with relevant teams to implement improvements
  • Support Business Travel: Travel as needed (up to 10%) to support regulatory or risk management activities
What we offer
What we offer
  • bonus
  • equity
  • benefits
Read More
Arrow Right

Program Manager, Program Governance

This role will be responsible for program management within the Governance pilla...
Location
Location
United States , Menlo Park
Salary
Salary:
122000.00 - 180000.00 USD / Year
meta.com Logo
Meta
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of work experience in risk and compliance, legal, consulting, business operations or other operational disciplines
  • 4+ years of experience working in regulatory domains like privacy, integrity or security OR in a role associated with data protection, regulatory response, audit and implementation of control frameworks
  • 3+ years of work experience in program or project management
  • Bachelor's Degree in a related field or equivalent experience
Job Responsibility
Job Responsibility
  • Design and operate governance and reporting requirements for Meta’s Privacy Program, and Security GRC Programs
  • Facilitate governance forums designed to oversee and drive strategic decision making for Privacy and Security GRC programs
  • Recommend and draft Privacy program oversight and adjustment reporting for external assessment under Meta’s FTC Consent Order, including leadership socialization of recommendations and 2nd line of defense reviews
  • Work with legal, privacy and product leadership (including Meta Executives) teams to ensure the cross-company work on regulatory priorities is planned, implemented and executed in an efficient & effective manner
  • Prepare communication materials and progress tracking for multiple audiences including supporting material for Meta executives and its Board of Directors
  • Lead strategic conversations with external auditors and internal leadership team
  • Advise on industry standards related to external assessments and audits
  • Create mechanisms for identifying and monitoring updates, milestones and roadblocks on privacy work and ensuring leadership is aware of status and progress
  • Drive greater consistency of Governance process, practices, and execution across company-wide privacy, security, integrity and AI workstreams
  • Champion the overall implementation plan related to Meta’s FTC Consent order (and similar Privacy directives, both current and future) including understanding order requirements and associated technical and operational work required across the company to comply successfully
What we offer
What we offer
  • bonus
  • equity
  • benefits
Read More
Arrow Right

Security GRC Manager

Hex is looking for our first Security GRC Manager to build, scale, and own our s...
Location
Location
United States
Salary
Salary:
182000.00 - 295000.00 USD / Year
hex.tech Logo
Her
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5–8+ years in GRC, compliance, security engineering, privacy, audit, or a related field
  • Deep familiarity with frameworks such as SOC 2, ISO 27001, ISO 27701, PCI DSS, HIPAA, GDPR, and associated security controls
  • Experience running or contributing significantly to audit cycles and certification processes
  • Technical literacy in cloud-native environments (AWS preferred), SaaS architectures, and modern security tooling
  • Ability to understand and explain product architecture, data flows, and control implementations to auditors and customers
  • Experience building or maturing GRC programs at a high-growth company
  • Strong project/program management skills
  • Comfort creating order out of ambiguity
  • Exceptional communicator with the ability to translate complex topics into clear, concise, customer-ready language
  • Strong stakeholder management skills
Job Responsibility
Job Responsibility
  • Own and mature Hex’s security and privacy compliance program across SOC 2, ISO 27001, ISO 27701, HIPAA, GDPR, CCPA, PCI DSS, and other frameworks relevant to our business
  • Ensure continuous audit readiness
  • Track regulatory and industry changes
  • Maintain and develop core security policies, standards, and procedures
  • Own Hex’s risk management lifecycle
  • Build lightweight but effective governance processes
  • Partner with Engineering and Security to ensure technical controls map appropriately to compliance requirements
  • Serve as the primary owner of customer and prospect security questionnaires, risk assessments, and contractual security provisions
  • Manage and improve Hex’s Trust Center / trust portal
  • Collaborate with Sales, Customer Success, and Legal on security-related deal support
What we offer
What we offer
  • Competitive total rewards package
  • Market-benched salary & equity
  • Comprehensive health benefits
  • Flexible paid time off
  • Fulltime
Read More
Arrow Right

Staff Security Technical Program Manager

Aurora is looking for a Staff Technical Program Manager (TPM) to lead complex se...
Location
Location
United States , Mountain View
Salary
Salary:
181000.00 - 262000.00 USD / Year
aurora.tech Logo
Aurora Innovation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 8–10+ years of experience in technical program management, engineering program management, or security program management in a technology organization
  • 5+ years leading complex cross‑functional technical programs involving multiple engineering teams
  • Experience partnering closely with engineering teams on architecture, platform, or infrastructure initiatives, demonstrating strong systems thinking and technical depth
  • Experience managing large‑scale technical systems programs, such as platform security initiatives, infrastructure modernization, or security architecture programs
  • Proven ability to coordinate multi‑team engineering efforts with significant technical complexity and long time horizons
  • Experience managing program governance, cross‑team dependencies, and risk mitigation across multi‑quarter initiatives
Job Responsibility
Job Responsibility
  • Lead large cross‑team security programs that span Aurora’s security pillars, including Product Security, Cloud Security, Security Engineering, Security Operations, GRC, and Enterprise IT
  • Establish strong program governance across major initiatives, including roadmaps, risk tracking, dependency management, and escalation paths for complex security programs
  • Drive end‑to‑end execution of strategic security initiatives, from planning and roadmap development through delivery and operational handoff
  • Coordinate complex technical work across multiple teams, managing dependencies, removing blockers, and enabling engineering teams to deliver successfully
  • Provide clear visibility into program health through dashboards, leadership reviews, and regular updates to security and engineering leadership
What we offer
What we offer
  • annual bonus
  • equity compensation
  • benefits
  • Fulltime
Read More
Arrow Right

Cybersecurity Technical Program Manager

We are seeking a high-energy, results-driven M&A Technical Program Manager to se...
Location
Location
United States , Remote
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 8+ years of progressive experience in technical program management, IT operations, or enterprise technology delivery
  • 5+ years of direct experience managing M&A integration and/or divestiture/separation workstreams
  • 5+ years of experience partnering with cybersecurity/GRC teams on cyber risk management within complex enterprise programs
  • 3+ years of experience with IAM programs
  • Proven track record of serving as a single point of accountability for complex, cross-functional programs
  • Demonstrated ability to manage centralized demand pipelines, prioritization frameworks, and delivery execution in a matrixed environment
  • Bachelor's degree in Information Technology, Computer Science, Business Management, Engineering, or a related field (or equivalent experience)
  • Hands-on experience with divestiture execution, TSA/Reverse TSA governance, and separation planning
  • Familiarity with enterprise tools such as ServiceNow, Jira, Smartsheet, Planview, or similar portfolio/project management platforms
  • Experience with ITIL, Agile/Scrum, or Kanban delivery methodologies
Job Responsibility
Job Responsibility
  • Serve as the centralized single point of accountability for divestiture/separation technology delivery
  • Own end-to-end divestiture/separation execution across all technology workstreams
  • Partner with Cybersecurity, GRC, Privacy, and Legal to perform separation-focused cyber risk assessments
  • Provide program management leadership for IAM separation initiatives
  • Apply technical acumen to know when to personally drive solutioning versus when to engage architects, engineers, or SMEs
  • Foster strong relationships with business leaders, IT teams, vendors, and executive stakeholders
  • Deliver executive-level reporting on program KPIs, integration milestones, and delivery health across the portfolio
  • Fulltime
Read More
Arrow Right

Grc Manager

We’re looking for a Security Governance Manager to lead Governance, Risk & Compl...
Location
Location
France , Paris
Salary
Salary:
55000.00 - 64000.00 EUR / Year
balzac-paris.com Logo
Balzac Paris
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 4 to 7 years of experience in GRC, information security, or IT audit, ideally in a startup/scaleup
  • Experience with SOC 2 Type II and other security certifications (ISO 27001, etc.)
  • Knowledge of GDPR and data protection best practices
  • Autonomous, action-oriented, comfortable with AI tools
  • Excellent English
  • French is a strong plus
Job Responsibility
Job Responsibility
  • Own and drive our SOC2 certification program: gap analysis, control mapping, evidence collection, remediation coordination, and auditor management
  • Prepare and coach cross-functional teams for audit readiness through mock audits and training sessions
  • Navigate overlapping regulatory requirements and enterprise customer expectations
  • Provide security expertise to Legal and DPO on regulatory topics (GDPR, AI Act, etc.)
  • Lay the groundwork for future certifications (ISO 27001)
  • Conduct and maintain risk assessments following ISO 27005 methodology
  • Own the risk register with quarterly reviews, prioritizing risks by business impact
  • Perform SaaS security reviews during procurement and manage third-party risk assessments for critical vendors
  • Assess security impact of organizational, technical, or product changes
  • Respond to customer security questionnaires and support sales cycles with accurate, timely answers
What we offer
What we offer
  • Semaine de 4 jours
  • Plan de développement professionnel
  • Congés pour enfant malade
  • Solution de prévention santé mentale
  • Employee Resource Groups (ERG)
  • Fulltime
Read More
Arrow Right

Grc Manager

We’re looking for a Security Governance Manager to lead Governance, Risk & Compl...
Location
Location
France , Paris
Salary
Salary:
55000.00 - 64000.00 EUR / Year
assessfirst.com Logo
Assessfirst
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 4 to 7 years of experience in GRC, information security, or IT audit, ideally in a startup/scaleup
  • Experience with SOC 2 Type II and other security certifications (ISO 27001, etc.)
  • Knowledge of GDPR and data protection best practices
  • Autonomous, action-oriented, comfortable with AI tools
  • Excellent English
  • French is a strong plus
Job Responsibility
Job Responsibility
  • Own and drive our SOC2 certification program: gap analysis, control mapping, evidence collection, remediation coordination, and auditor management
  • Prepare and coach cross-functional teams for audit readiness through mock audits and training sessions
  • Navigate overlapping regulatory requirements and enterprise customer expectations
  • Provide security expertise to Legal and DPO on regulatory topics (GDPR, AI Act, etc.)
  • Lay the groundwork for future certifications (ISO 27001)
  • Conduct and maintain risk assessments following ISO 27005 methodology
  • Own the risk register with quarterly reviews, prioritizing risks by business impact
  • Perform SaaS security reviews during procurement and manage third-party risk assessments for critical vendors
  • Assess security impact of organizational, technical, or product changes
  • Respond to customer security questionnaires and support sales cycles with accurate, timely answers
What we offer
What we offer
  • Four-day week
  • Professional development plan
  • Sick child leave
  • Mental health benefits
  • Employee Resource Groups (ERG)
  • Fulltime
Read More
Arrow Right