Product GRC Subject Matter Expert

🕒 9 months ago

🇺🇸 United States – Remote

💵 $158,000 - $186,000 / year

⏰ Full-time

🟡 Mid-level

🟠 Senior

🚔 Compliance

🦅 H1B Visa Sponsor


🗣️🇺🇸🇬🇧 English required


Vanta

201 - 500 employees

Founded in 2018

📋 Compliance

🔐 Security

☁️ SaaS

💰 €40,000,000 Series B in 2022-10

Compliance • Security • SaaS

Vanta is a trust management platform that streamlines compliance workflows and strengthens security programs for businesses. Using automation, Vanta helps companies achieve and maintain compliance with frameworks such as SOC 2, ISO 27001 and GDPR. It offers solutions for companies of all sizes, from startups to large enterprises, delivering security and compliance at scale. Through integrations with more than 375 tools, Vanta uses AI to simplify tasks such as questionnaire automation and vendor risk management. Vanta enables service providers and auditors to deliver efficient, satisfying experiences, helping companies build trust with their customers and partners.

Description

• Build and maintain compliance frameworks (controls, evidence requirements, implementation guidance for SOC 2, ISO/IEC 27001 & 27701, HIPAA, PCI DSS, NIST CSF, NIST SP 800-53, GDPR/CCPA)
• Design crosswalks and mappings; maintain bidirectional crosswalks and operationalize mappings in-product
• Define content quality standards; establish QA processes and metrics
• Drive end-to-end GRC product enablement: modular content for risk management, POA&M, policy management, access reviews, Trust Center artifacts, third-party risk management
• Act as product advisor in discovery & design; author PRDs/acceptance criteria
• Author automated tests & continuous monitoring; translate controls into spec-level automated tests, pair with Engineering to implement detectors
• Partner with Product to drive the roadmap and own the backlog for framework/content improvements
• Enable AI-assisted compliance: translate SME knowledge into machine-readable specs, design LLM-powered guidance, define evaluation sets and safety guardrails
• Synthesize feedback from customers, auditors, partners, and internal teams to iterate and resolve issues

🎯 Requirements

• 5-7+ years in GRC and/or Information Security with hands-on implementation or assessment across multiple frameworks (e.g., SOC 2, ISO 27001/27701, HIPAA, PCI DSS, NIST CSF/800-53)
• Experience with cloud environments and SaaS is strongly preferred
• Federal experience (e.g., FedRAMP) is a plus
• Bachelor's degree in Computer Science preferred; advanced degree a plus
• Deep understanding of controls, risks, testing approaches, evidence standards, and program operations
• Ability to translate requirements into productizable capabilities; comfort with experimentation and data-driven prioritization
• Technical & automation skills: experience with AI tools, simple automations, integrations (Sheets/Airtable, APIs, webhooks), and designing AI-augmented workflows
• Skilled at precise control wording, mapping accuracy, and evidence specificity; comfortable working in spreadsheets and large data sets
• Excellent written and verbal communication; ability to partner with engineers, designers, GTM teams, auditors, and customers
• Self-motivated, independent, adaptable in a fast-paced environment
• Nice-to-have: experience with privacy regulations (GDPR/CCPA), risk quantification (e.g., FAIR), audit/assessor background, or B2B SaaS content/enablement
• Preferred certifications: CISA, CISSP, CCSK/CCSK+, ISO 27001 Lead Implementer/Lead Auditor, CIPM/CIPT, PCI-ISA/QSA

🏖️ Benefits

• Industry-competitive compensation
• 100% covered medical, dental, and vision benefits with dependents coverage
• 16 weeks of fully paid parental leave for all new parents
• Health & wellness and remote workplace stipends
• Family planning benefits through Carrot Fertility
• 401(k) matching
• Flexible work hours and location
• Open PTO policy
• 11 paid holidays in the US
• Offices in SF, NYC, London, Dublin, and Sydney


Similar Jobs

🕒 9 months ago

Codvo.ai

51 - 200

🔒 Cybersecurity

☁️ SaaS

Lead regulatory strategy and QMS for SaMD at Codvo Engineering. Manage IEC 62304, ISO 13485, ISO 14971, and FDA 510(k) submissions.

🇺🇸 United States – Remote

⏰ Full-time

🟠 Senior

🔴 Expert

🚔 Compliance

🗣️🇺🇸🇬🇧 English required

🕒 10 months ago

Syneos Health

10,000+ employees

🧬 Biotechnology

💊 Pharmaceuticals

⚕️ Health insurance

Senior Medical Editor—Regulatory, remote (EMEA); leads medical writing, edits documents to FDA/EU guidelines, mentors staff, and ensures on-time delivery.

🗣️🇺🇸🇬🇧 English required

🕒 10 months ago

The MH Group (ManeHire)

11 - 50

👥 HR Tech

🎯 Recruiting

🤝 B2B

Remote Claims Compliance Analyst at The MH Group ensures regulatory claims processing and adherence; collaborates with departments to implement laws and risk controls.

🇺🇸 United States – Remote

💵 $60,000 - $70,000 / year

⏰ Full-time

🟡 Mid-level

🟠 Senior

🚔 Compliance

🗣️🇺🇸🇬🇧 English required

🕒 10 months ago

EHS Support

51 - 200

📋 Compliance

Air Quality Compliance Specialist role focused on managing air quality projects at EHS Support. Opportunity involves client interaction and team management in a remote capacity.

🇺🇸 United States – Remote

⏰ Full-time

🟠 Senior

🚔 Compliance

🗣️🇺🇸🇬🇧 English required