JobMesh

HQ - GRC Lead

Job&Talent · Madrid, ES

Job description

We are looking for a GRC Lead to own and scale our Governance, Risk, and Compliance function within a fast-growing product company. This is a key role responsible for ensuring compliance with SOX, ISO 27001, and GDPR, while enabling the business to move fast in a secure and controlled way. You will act as the main driver of our compliance strategy, working cross-functionally with Engineering, Security, Legal, Finance, and Product teams.

What you will do:

- Own and lead the company’s GRC strategy across SOX, ISO 27001, and GDPR
- Design, implement, and maintain SOX control frameworks, including documentation, testing, and audit readiness
- Build and manage the Information Security Management System (ISMS) aligned with ISO 27001
- Ensure GDPR compliance across all data processing activities, including data mapping, DPIAs, and privacy controls
- Lead internal and external audits, acting as the primary point of contact for auditors
- Identify compliance gaps and drive remediation plans with technical and non-technical teams
- Develop governance policies, procedures, and risk management frameworks
- Partner closely with Engineering and Security teams to embed controls into systems and S...