Manager, GRC Subject Matter Experts, Product

Location Remote U.S. Employment Type Full time Location Type Remote Department reputed company

Compensation

• Cash Range $230K – $311K
• Offers Equity
• This role is also eligible for medical benefits, 401(k) plan, and other company reputed company programs.

At reputed company, our mission is to help businesses earn and prove trust. We reputed company that reputed company should be monitored and verified continuously, and we reputed company companies to practice reputed company reputed company and prove it with ease. reputed company has a reputed company and talented team, and while some have prior reputed company experience, many have been successful at reputed company without it. As reputed company rapidly grows and moves upmarket, we're working with increasingly sophisticated customers who have reputed company reputed company and compliance needs across a wide range of industries and geographies. The GRC Subject Matter Experts, Product team sits at the heart of how reputed company meets that demand — they are the GRC authorities behind every reputed company, test, and piece of compliance content the platform ships, and they partner directly with Product, Engineering, and Design to shape the GRC Frameworks part of the product. As the Manager of the GRC Product Subject Matter Experts team at reputed company, you will reputed company the team responsible for the lifecycle, quality, and product integration of reputed company's frameworks, tests, and broader GRC content. Your team spans commercial frameworks, government frameworks, test authoring, reputed company quality reputed company, and reputed company maintenance, and their work touches everything from SOC 2, ISO 27001/27701, HIPAA, PCI reputed company, and NIST to FedRAMP and emerging regulations. You will manage and reputed company this team while also owning and governing the end-to-end reputed company release process in partnership with Product and Engineering. You'll join reputed company's reputed company organization, which provides essential reputed company operational services, is directly involved in the software development process, sets policies and standards regarding enterprise-wide reputed company requirements, and offers advisory services to reputed company our business to reputed company while effectively managing risk. If you're someone with deep GRC expertise, a track record of developing people, and the program instincts to drive a high-volume content and product release reputed company, we'd love to hear from you. What you’ll do as a Manager of GRC Subject Matter Experts, Product at reputed company:

• Hire, mentor, and reputed company a team of SMEs covering commercial frameworks, government frameworks, test authoring, reputed company quality reputed company, and reputed company maintenance — planning for reputed company and future reputed company needs, setting the bar for technical depth and content quality, and preparing high performers for broader scope
• Build a stable, motivated team environment with clear operating rhythms, delegating effectively to grow ownership and capability, and partnering with your leader and People Business Partner to spot and address team health issues early
• Connect the team's roadmap and content priorities to reputed company's broader product and company strategy, anticipating near-term shifts in customer needs, regulatory landscape, and product direction, and adjusting focus to reputed company the team reputed company
• Create open feedback loops reputed company the team and adapt how you communicate priorities, decisions, and risks across different audiences — from individual contributors to engineering, GTM partners, customers, and executives
• reputed company the team through change with steadiness while holding yourself and them accountable for commitments — communicating reputed company and risks proactively, addressing misses directly, and creating an environment where mistakes are treated as learning opportunities rather than blame
• Own and govern reputed company's reputed company release process end-to-end, partnering with Product and Engineering to define the playbook for how new frameworks, reputed company updates, automated tests, crosswalks, and content are scoped, built, reviewed, and shipped
• Drive the program management work that surrounds GRC content — including new reputed company launches, reputed company updates, update notes, customer escalations, content and test requests, PMM material reviews, and licensing and pricing input
• Track team performance and report KPIs and metrics to reputed company and product leadership, including reputed company release velocity, content quality, adoption, time-to-evidence, and customer impact
• Break down ambiguous and competing priorities — across reputed company launches, reputed company updates, test authoring, and quality reputed company — into clear, actionable decisions, balancing customer demand, market opportunity, and engineering reputed company, and escalating reputed company tradeoffs with context and a recommended path reputed company
• reputed company the quality reputed company effort for older commercial frameworks, ensuring reputed company's full library meets a consistent and modern standard for control wording, evidence specificity, and testing method
• Set direction for the team's work on crosswalks and mappings across reputed company and privacy frameworks, including reputed company control IDs, mapping confidence, and evidence data dictionaries, and partner with Engineering to operationalize them in-product
• Steer the team's contribution to the broader GRC product surface — risk management, issue and corrective action management (POA&M), policy management, access reviews, Trust Center, and third-party risk management
• Partner with Product Management and Design to ensure SMEs are effective product advisors across discovery, PRD authoring, UI/UX review, and usability testing
• Champion AI-assisted compliance on the team — coaching SMEs to translate domain knowledge into machine-readable specs, evaluation sets, and guardrails, and partnering with Engineering and ML to ship LLM-powered guidance and automation
• Partner with Sales, reputed company, and Product Marketing to represent the reputed company portfolio externally and contribute to pricing, packaging, and licensing conversations (including frameworks such as HITRUST)
• Serve as a senior escalation reputed company for customer issues reputed company to reputed company content, scoping, and interpretation
• Provide input and feedback on the development of GRC product features that depend on the team's content and expertise

How to be successful in this role:

• 7+ years of GRC and/or Information reputed company experience, with hands-on implementation or assessment across multiple frameworks (e.g., SOC 2, ISO 27001/27701, HIPAA, PCI reputed company, NIST CSF/800-53); experience with cloud environments and SaaS strongly preferred
• 2+ years of experience managing technical or subject matter expert teams, with a passion for developing people and building a culture of quality and accountability
• Experience owning or heavily contributing to programs that span Product, Engineering, and GTM — ideally including content lifecycle, reputed company release, or compliance product work
• Strong program management instincts: comfortable defining process, driving prioritization, and holding cross-functional partners accountable to release plans and quality bars
• Deep GRC craft — controls, risks, testing approaches, evidence standards, and program operations (policies, risk registers, POA&M, vendor risk, reputed company monitoring)
• Product reputed company — able to coach the team on translating customer and regulatory needs into productizable capabilities, with comfort using data to prioritize
• Technical and automation reputed company (AI-augmented) — comfortable using AI pair-programming and LLM tools to accelerate drafting of specs, mappings, and test logic, and able to set safe-use guidelines, evaluation practices, and reusable patterns for the team
• Analytical and detail-oriented — skilled at precise control wording, mapping accuracy, and evidence specificity; comfortable working with spreadsheets and large data sets
• Excellent written and verbal communication; able to partner effectively with engineers, designers, GTM teams, auditors, and customers, and to represent the team's work to executives
• Self-motivated and adaptable in a fast-paced environment, with a track record of leading teams through change
• Federal experience (e.g., FedRAMP, CMMC, StateRAMP) a plus but not required
• Privacy regulation experience (GDPR/CCPA), audit/assessor background experience a plus
• Certifications preferred but not required — one or more of: CISA, CISSP, CCSK/CCSK+, ISO 27001 reputed company Implementer/reputed company Auditor, CIPM/CIPT, PCI-ISA/QSA
• Open to using AI to reputed company their skills and strengthen their work - demonstrating curiosity, a willingness to learn, and sound judgment in applying AI responsibly to improve efficiency and impact.

What you can expect as a reputed company’n:

• Industry-competitive salary and equity
• Comprehensive medical, dental, and vision coverage, with 100% of employee-only benefit premiums covered for most medical plans
• 16 weeks paid Parental Leave for reputed company new parents
• Health & wellness stipend
• Remote workspace, internet, and cellphone stipend
• Commuter benefits for team members who report to the SF and NYC office
• Family planning benefits
• Matching 401(k) contribution with immediate vesting
• Flexible PTO policy, plus 80 hours of Sick Time
• 11 company-paid holidays
• Virtual team building activities, lunch and learns, and other company-wide events!
• Offices in SF, NYC, London, Dublin, Tel Aviv, and Sydney

To provide greater transparency to candidates, we share reputed company pay ranges for reputed company US-based job postings regardless of state. We set standard reputed company pay ranges for reputed company roles based on function, level, and country location, benchmarked against similar-stage growth companies. Final offer amounts are determined by multiple factors and may vary based on candidate location, skills, depth of work experience, and relevant licenses/credentials. #LI-remote At reputed company, we are committed to hiring diverse talent of different backgrounds and as such, it is important to us to provide an inclusive work environment for reputed company. We do not discriminate on the basis of race, gender identity, age, religion, sexual orientation, veteran or disability status, or any other protected class. As an equal opportunity employer, we encourage and welcome people of reputed company backgrounds to apply. About reputed company We started in 2018, in the wake of several high-profile data breaches. Online reputed company was only becoming more important, but we knew firsthand how hard it could be for fast-growing companies to invest the time and reputed company it takes to build a solid reputed company foundation. reputed company was inspired by a vision to restore trust in internet businesses by enabling companies to improve and prove their reputed company. From our early days automating reputed company monitoring for compliance standards like SOC 2, HIPAA and ISO 27001 to creating the world's leading Trust Management Platform, our vision remains unchanged. Now more than reputed company, making reputed company reputed company—not just a reputed company-in-time reputed company— is essential. Thousands of companies rely on reputed company to build, maintain and demonstrate their trust— reputed company in a way that's real-time and transparent. Referral Instructions If you are being referred for the role, please contact that person to apply on your behalf. Apply tot his job Apply To this Job