Product GRC SME

Vanta

Location:
United States

Contract Type:
Not provided

Salary:

158000.00 - 186000.00 USD / Year

Job Description:

As Vanta’s newest GRC Subject Matter Expert, you’ll be responsible for developing and maintaining multi-framework GRC solutions used by thousands of customers. Acting as a bridge between Product Management, Engineering, Design, Sales, and Customer Success, you’ll ensure our solutions align with key security, privacy, and risk frameworks and real-world customer needs. You’ll play a pivotal role in designing, validating, and improving compliance-related content and capabilities while providing strategic input to shape Vanta’s GRC product roadmap.

Job Responsibility:

  • Build and maintain compliance frameworks
  • Design crosswalks and mappings (framework‑agnostic)
  • Elevate content quality and usability
  • Drive end‑to‑end GRC product enablement
  • Act as a product advisor across discovery & design
  • Author automated tests & continuous monitoring
  • Partner with Product to drive roadmap
  • Enable AI‑assisted compliance
  • Synthesize feedback loops

Requirements:

  • 5-7+ years in GRC and/or Information Security with hands‑on implementation or assessment across multiple frameworks (e.g., SOC 2, ISO 27001/27701, HIPAA, PCI DSS, NIST CSF/800‑53)
  • Experience with cloud environments and SaaS is strongly preferred
  • Federal experience (e.g., FedRAMP) is a plus but not required
  • Bachelor’s degree in Computer Science (preferred); advanced degree a plus
  • Deep understanding of controls, risks, testing approaches, evidence standards, and program operations (policies, risk registers, issues/POA&M management, vendor risk, continuous monitoring)
  • Ability to translate requirements into productizable capabilities; comfort with experimentation and data‑driven prioritization
  • Build leverage with lightweight tools, LLMs, and automation workflows
  • Skilled at precise control wording, mapping accuracy, and evidence specificity; comfortable working in spreadsheets and large data sets (lookups, pivots)
  • Excellent written and verbal skills; able to partner effectively with engineers, designers, GTM teams, auditors, and customers
  • Able to work autonomously while contributing to team success
  • Willing & excited to support cross-functional teams and improve compliance content
  • Skilled at managing change, solving problems proactively, and taking initiative
  • Open to using AI to amplify their skills and strengthen their work - demonstrating curiosity, a willingness to learn, and sound judgment in applying AI responsibly to improve efficiency and impact

Nice to have:

  • Experience with privacy regulations (GDPR/CCPA), risk quantification (e.g., FAIR), audit/assessor background, or B2B SaaS content/enablement
  • Certifications (preferred, not required) - One or more of: CISA, CISSP, CCSK/CCSK+, ISO 27001 Lead Implementer/Lead Auditor, CIPM/CIPT, PCI‑ISA/QSA

What we offer:

  • Offers Equity
  • medical benefits
  • 401(k) plan
  • other company perk programs
  • Comprehensive medical, dental, and vision coverage, with 100% of employee-only benefit premiums covered for most medical plans
  • 16 weeks fully-paid Parental Leave for all new parents
  • Health & wellness stipend
  • Remote workspace, internet, and cellphone stipend
  • Commuter benefits for team members who report to the SF and NYC office
  • Family planning benefits
  • Matching 401(k) contribution with immediate vesting
  • Flexible PTO policy, plus 80 hours of Sick Time
  • 11 company-paid holidays
  • Virtual team building activities, lunch and learns, and other company-wide events

Additional Information:

Job Posted:
February 21, 2026

Employment Type:
Fulltime
Work Type:
Remote work
Similar Jobs for Product GRC SME

Technical GRC Consultant

Our client, a leading technology integrator, is in need of a Technical GRC Consu...
Location:
United States
Salary:
78.00 - 115.00 USD / Hour
ClearBridge Technology Group
Expiration Date:
Until further notice
Requirements:
  • SME level knowledge of Governance, Risk and Compliance frameworks
  • FedRAMP Moderate and IL4 knowledge of NIST 800-53 controls as well as a strong understanding of Rev 5
  • Experience working with GRC SaaS products. Paramify, RegScale or Vanta experience is a huge plus
  • Experience working with Python or API based automation in order to write “Fetcher” and “Validator” scripts to automate evidence collection
  • Ability to validate boundary diagrams, data flows, and network architecture against actual cloud configurations
  • Demonstrated ability to develop and deliver training to staff on GRC processes, tools, and implementation best practices
Job Responsibility:
  • Working remotely in support of a GRC effort to move legacy ATO documentation into a modern, machine-readable format
  • Supporting a GRC SaaS implementation and should understand how to manage workspaces, program settings and KSI (Key Security Indicators) mapping
  • Creating scripts and validators to automate evidence collection from our clients environment
  • Validating boundary diagrams, data flows and network architecture against actual cloud configurations
  • Developing and delivering training to staff on GRC processes, tools and implementation best practices
What we offer:
  • excellent benefits and compensation packages

Security GRC Engineer

The Security GRC Engineer at Atlassian will be instrumental in implementing and ...
Location:
India, Bengaluru
Salary:
Not provided
Atlassian
Expiration Date:
Until further notice
Requirements:
  • 2+ years experience in a similar role, preferably in a large-scale SaaS/Product environment
  • Expertise and experience working in security-focused roles
  • Experience with application security, especially web applications
  • Experience in cloud security architecture and infrastructure
  • Experience providing SME knowledge and guidance to stakeholders and engineering functions
  • Experience working with internal/external audit and leadership teams
  • Solid knowledge of cybersecurity principles, risk management strategies, and IT governance frameworks
  • Strong communication and interpersonal skills, with the ability to interact with stakeholders at all levels and explain complex security concepts in an understandable way
  • Relevant certifications such as CISSP, CISM, or CRISC would be beneficial
  • Scripting experience to automate recurring tasks (JQL, SQL, Python, Go)
Job Responsibility:
  • Develop and implement security risk and governance capabilities, policies, and operations, ensuring alignment with Atlassian's business objectives and compliance with relevant laws and regulations
  • Provide technical guidance, promote automation, review designs, and support security teams to equip engineering partner teams with the latest tools, techniques, and methodologies to build secure products by default
  • Security GRC data management, analysis and reporting
  • Identify potential security risks and threats, and develop strategies to mitigate them
  • Understand Atlassian’s security controls and how they mitigate our risks
  • Support other teams in implementing and maintaining security controls and best practices
  • Periodically evaluate and report on the effectiveness of Atlassian’s security posture
  • Stay informed on the latest developments in cybersecurity and risk management to ensure that Atlassian's security controls are always at the cutting edge
What we offer:
  • health coverage
  • paid volunteer days
  • wellness resources
Employment Type:
Fulltime

ServiceNow Support Engineer

The ServiceNow Support Engineer will serve as the primary subject matter expert ...
Location:
India, Hyderabad
Salary:
Not provided
NTT DATA
Expiration Date:
Until further notice
Requirements:
  • Bachelor's degree in Computer Science or a related field
  • At least 5 years of experience in a similar position
  • Strong technical skills in ServiceNow
  • Strong technical skills in incident management
  • Effective stakeholder communication
Job Responsibility:
  • Act as the primary SME for the ServiceNow platform including ITSM, CMDB, ITOM (Discovery/Event/Orchestration), HRSD, CSM, SecOps, GRC, Performance Analytics, and Service Portal/Now Experience
  • Provide production support: triage incidents, perform root-cause analysis, implement fixes or workarounds, and manage escalations to ensure SLA adherence
  • Manage platform administration: system properties, scheduled jobs, notification schemes, upgrade readiness, and instance cloning processes
  • Lead and maintain integrations using IntegrationHub, REST/SOAP web services, MID Server, JDBC, SFTP, and message queues for third-party systems (AD/LDAP, HR/payroll, monitoring tools, CMDB sources)
  • Own CMDB health: reconciliation, discovery schedules, CI relationships, and data quality rules
  • Support and enhance Service Portal / Now Experience pages, widgets, Virtual Agent bots, and catalog items
  • Manage security & access: role/permission model, delegated administration, ACLs, and data segregation
  • Coordinate and execute instance upgrades and patches, perform regression testing, and remediate upgrade impacts
  • Maintain runbooks, SOPs, knowledge base articles, and technical documentation for repeatable support tasks
  • Drive continuous improvement: automation (catalog workflows, orchestration), performance tuning, reduction of manual interventions, and adoption of best practices
Employment Type:
Fulltime

Security Engineer 4 - FedRAMP Compliance Architect

PagerDuty is seeking a Security Engineer 4 - FedRAMP Compliance Architect to joi...
Location:
United States
Salary:
176000.00 - 281000.00 USD / Year
PagerDuty
Expiration Date:
Until further notice
Requirements:
  • 5+ years of experience in cloud security architecture, compliance, or cybersecurity engineering
  • at least 3 years of experience supporting FedRAMP Moderate or High authorization
  • deep expertise in FedRAMP, NIST 800-53, FISMA, and cloud security best practices
  • strong ability to assess security risks and recommend technical and procedural mitigations
  • experience working with AWS GovCloud, Azure Government, or other federal cloud environments
  • experience with audit preparation, risk assessments, and working with third-party assessors (3PAOs)
  • exceptional written and verbal communication skills for creating and managing FedRAMP documentation
Job Responsibility:
  • Design, implement, and maintain system architectures to align with FedRAMP requirements
  • serve as the subject matter expert (SME) on FedRAMP, advising internal teams on security best practices, control implementations, and risk mitigation strategies
  • collaborate with engineering, operations, product, and corporate IT teams to develop secure cloud-based architectures that meet federal compliance mandates
  • implement governance strategy on technical security controls, including access management, configuration, encryption, logging, monitoring, and vulnerability management
  • support annual assessments, security control reviews, and audits, coordinating with third-party assessors (3PAO) and government sponsors
  • technical support for external stakeholders on customer responsibilities
  • key contributor to the development and maintenance of the System Security Plan (SSP), Policies and Procedures, Configuration Management Plan, Secure System Development Life Cycle, and other FedRAMP documentation
  • partner with the GRC (Governance, Risk, and Compliance) team to efficiently track and resolve security findings
What we offer:
  • Competitive salary
  • comprehensive benefits package from day one
  • flexible work arrangements
  • company equity
  • ESPP (Employee Stock Purchase Program)
  • retirement or pension plan
  • generous paid vacation time
  • paid holidays and sick leave
  • Dutonian Wellness Days & HibernationDuty - companywide paid days off in addition to PTO
  • paid parental leave: 22 weeks for pregnant parent, 12 weeks for non-pregnant parent
Employment Type:
Fulltime

Security Engineer 4 - FedRAMP Compliance Architect

PagerDuty is seeking a Security Engineer 4 - FedRAMP Compliance Architect to joi...
Location:
United States, Atlanta
Salary:
176000.00 - 281000.00 USD / Year
PagerDuty
Expiration Date:
Until further notice
Requirements:
  • 5+ years of experience in cloud security architecture, compliance, or cybersecurity engineering, with at least 3 years of experience supporting FedRAMP Moderate or High authorization
  • Deep expertise in FedRAMP, NIST 800-53, FISMA, and cloud security best practices
  • Strong ability to assess security risks and recommend technical and procedural mitigations
  • Experience working with AWS GovCloud, Azure Government, or other federal cloud environments
  • Experience with audit preparation, risk assessments, and working with third-party assessors (3PAOs)
  • Exceptional written and verbal communication skills for creating and managing FedRAMP documentation
Job Responsibility:
  • Design, implement, and maintain system architectures to align with FedRAMP requirements
  • Serve as the subject matter expert (SME) on FedRAMP, advising internal teams on security best practices, control implementations, and risk mitigation strategies
  • Collaborate with engineering, operations, product, and corporate IT teams to develop secure cloud-based architectures that meet federal compliance mandates
  • Implement governance strategy on technical security controls, including access management, configuration, encryption, logging, monitoring, and vulnerability management
  • Support annual assessments, security control reviews, and audits, coordinating with third-party assessors (3PAO) and government sponsors
  • Technical support for external stakeholders on customer responsibilities
  • Key contributor to the development and maintenance of the System Security Plan (SSP), Policies and Procedures, Configuration Management Plan, Secure System Development Life Cycle, and other FedRAMP documentation
  • Partner with the GRC (Governance, Risk, and Compliance) team to efficiently track and resolve security findings
What we offer:
  • Competitive salary
  • Comprehensive benefits package from day one
  • Flexible work arrangements
  • Company equity
  • ESPP (Employee Stock Purchase Program)
  • Retirement or pension plan
  • Generous paid vacation time
  • Paid holidays and sick leave
  • Dutonian Wellness Days & HibernationDuty - companywide paid days off in addition to PTO
  • Paid parental leave: 22 weeks for pregnant parent, 12 weeks for non-pregnant parent (some countries have longer leave standards and we comply with local laws)
Employment Type:
Fulltime

Senior Security GRC Engineer

The Senior Security GRC Engineer at Atlassian will be instrumental in implementi...
Location:
India, Bengaluru
Salary:
Not provided
Atlassian
Expiration Date:
Until further notice
Requirements:
  • 5-7+ years experience in a similar role, preferably in a large-scale SaaS/Product environment
  • Expertise and experience working in security-focused roles
  • Experience with application security, especially web applications
  • Experience in cloud security architecture and infrastructure
  • Experience providing SME knowledge and guidance to stakeholders and engineering functions
  • Experience working with internal/external audit and leadership teams
  • Solid knowledge of cybersecurity principles, risk management strategies, and IT governance frameworks
  • Strong communication and interpersonal skills, with the ability to interact with stakeholders at all levels and explain complex security concepts in an understandable way
  • Relevant certifications such as CISSP, CISM, or CRISC would be beneficial
  • Scripting experience to automate recurring tasks (JQL, SQL, Python, Go)
Job Responsibility:
  • Deliver technical expertise and innovation, providing security guidance to teams and promoting the adoption of industry-leading methodologies to build secure products by default
  • Drive technical solutions in security and risk management
  • Leverage data analytics and visualization, deriving actionable insights from security governance, risk, and compliance data
  • Promote automation and tooling, encouraging the use of the latest security tools to enhance product security processes
  • Proactively identify and mitigate risks, recognizing potential security threats or compliance concerns specific to product security
  • Collaborate with product security teams, implementing security controls and best practices
  • Regularly evaluate and report, assessing the effectiveness of security controls
  • Influence and align stakeholders, working with security engineers and stakeholders to drive alignment on security initiatives
  • Stay informed on regulatory awareness and compliance, keeping up with the latest developments in legislative, regulatory, and industry security requirements
What we offer:
  • health coverage
  • paid volunteer days
  • wellness resources
Employment Type:
Fulltime

Qualified Educator, Certificate 3, Diploma Trained Educator

We have casual roles available for Early Childhood Teachers (ECTs), Diploma and ...
Location:
Australia, Mount Barker
Salary:
Not provided
Randstad
Expiration Date:
June 14, 2026
Requirements:
  • Certificate III or Diploma in Early Childhood Education and Care or a Bachelor of Education in Early Childhood / Childcare
  • Willingness to travel to different locations around your area
  • Able to implement quality, engaging, and activity-based programs
  • An understanding of the Early Learning Framework
  • Early Childhood Teachers must have a willingness to obtain their relevant state based teachers registration
  • Australian work rights and a willingness to gain your state based working with children's check
  • Willingness to undertake National Child Safety training
Job Responsibility:
  • Implement quality, engaging, and activity-based programs
What we offer:
  • Manage your schedule via our app
  • Free and fast path to work
Employment Type:
Fulltime

Personal Assistant/Senior Administrators

Are you the backbone of every office you walk into? Do you thrive on anticipatin...
Location:
New Zealand, Christchurch
Salary:
30.00 - 45.00 NZD / Hour
Randstad
Expiration Date:
June 14, 2026
Requirements:
  • Proven Experience: A solid background in senior-level support or complex office management
  • Tech Savvy: Advanced proficiency in the MS Office Suite (and ideally exposure to ERP or CRM systems)
  • Adaptability: The ability to hit the ground running and pivot priorities at a moment's notice
  • Exceptional Communication: A natural ability to build rapport with stakeholders at all levels
  • Reliability: For temporary roles, we look for candidates with a minimum of 6 months' availability
Job Responsibility:
  • Supporting C-Suite and Director-level leadership
  • Overseeing operations and culture
  • Driving timelines and high-level documentation
  • Specialised support requiring high confidentiality
What we offer:
  • Flexibility: Choose between the stability of a permanent role or the fast-paced variety of temporary contracting
  • Competitive Pay: Rates ranging from $30 - $45+ per hour (depending on experience) for temporary roles, plus all statutory entitlements
  • Exclusive Access: Many of our senior administrative roles are filled via our talent pool before they are ever advertised publicly
  • Partnered Approach: We act as your career advocates, ensuring you land in an environment that matches your professional values
Employment Type:
Fulltime