Director of Governance, Risk and Compliance

TLDR

Lead enterprise-wide governance, risk, and compliance programs ensuring regulatory alignment and operational excellence in a hands-on role within a transformative tech environment.

Laserfiche is hiring a Director of Governance, Risk & Compliance (GRC) to lead enterprise-wide governance, risk and compliance programs at Laserfiche. This hands-on role will be responsible for ensuring the organization operates in alignment with regulatory compliance requirements, industry standards and internal policies, while enabling business agility and operational excellence. The ideal candidate has deep experience in cyber and physical security, IT risk management, business resiliency, AWS services and data privacy—along with hands-on involvement with implementing controls, standards and frameworks such as ISO 27001, NIST 800-53, FedRAMP/GovRAMP and SOC 2 controls (AICPA Trust Services Criteria).

Location:

- Hybrid: Three days per week (Tuesday, Wednesday and Thursday) in-office in Long Beach, CA
- Remote work from home on Mondays and Fridays
- Periodic travel including travel on weekends as needed for international site audits

About the Role - Key Responsibilities:

Governance and Risk Management

- Develop and lead the enterprise Governance, Risk and Compliance (GRC) program to ensure effective alignment between business objectives, risk management and regulatory compliance requirements.
- Provide hands-on leadership for AI and security governance, cybersecurity controls (SOC 2, ISO 27001, GovRAMP/FedRAMP, CMMC, NIST 800-53, CJIS, PCI), data privacy and regulatory compliance (EU AI Act, GDPR, CCPA, PIPEDA, HIPAA).
- Partner with technology and business leaders to assess AI, technology and security risks, and ensure appropriate controls are designed, implemented, tested and operating effectively.
- Collaborate with ITS, Development and other departments to lead IT, security and business resiliency policy creation, maintenance, communication, training and enforcement across the enterprise.
- Safeguard Laserfiche information in accordance with Laserfiche Information Security Policies.

Compliance & Controls Oversight and Monitoring

- Own and lead compliance and certification programs (SOC 2, ISO 27001, ISO 42001, ISO 9001, GovRAMP/FedRAMP, CMMC) that are aligned to industry standards and regulatory frameworks.
- Manage and conduct internal audits, risk assessments, third-party and vendor risk management assessments.
- Coordinate control self-assessments, remediation and risk treatment plans.
- Manage and update control matrices and risk registers; ensure controls are mapped to relevant frameworks and operating effectively.
- Manage continuous controls monitoring and risk reporting provided to external and internal stakeholders.

Data Privacy

- Partner with Legal, ITS, Development, People and other organizations to operationalize privacy requirements.
- Oversee and perform data mapping and data inventory activities, ensuring accurate organizational understanding of data flows, risks and controls.
- Collaborate with Legal and other departments on performing DPIA/PIAs and other compliance initiatives.

Business Resiliency and Disaster Recovery (DR)

- Lead the business continuity management program, including performing an annual business impact analysis (BIA), developing, testing and updating BCPs, and providing organizational training in collaboration with L&D.
- Coordinate with ITS on DR planning and testing, and working with executive stakeholders on updating and testing crisis management plans (CMP).

Customer Sales Enablement and Product Development

- Collaborate with Sales, ITS, Development and Legal on sales enablement initiatives including responding to RFPs and customer questionnaires on security controls, data privacy, AI, BCM, DR and CMP.
- Serve as a subject matter expert on internal controls and security, and collaborate with Product Strategy, Development and ITS on product enhancements, features and security capabilities.
- Monitor Laserfiche security controls and compliance with customer contractual requirements.

About You - Essential Qualifications:

- Bachelor’s degree in management information systems, IT audit, cybersecurity or related degree program is required
- Minimum of 7+ years of experience in information security, IT risk management, compliance, or related GRC disciplines.
- Certification is required in a relevant area (e.g., CISA, CRISC, CISM).
- Demonstrated leadership experience building or scaling enterprise GRC programs.
- Experience with industry regulations (e.g., HIPAA, GDPR, CCPA), GovRAMP/FedRAMP, NIST standards (NIST 800-53), ISO 27001 certifications, SOC 2 reporting and security assessments, and leading frameworks such as AICPA Trust Services Criteria.
- Strong understanding of privacy regulations and experience with operational privacy work (data mapping and flow diagramming, DPIAs, data governance).
- Strong technical skills in cybersecurity, controls and AWS security audits; Big Four experience a plus.
- Excellent communication, presentation and negotiation skills, with the ability to influence internal and external stakeholders and write policies and controls documentation.
- Exceptional organizational and program management skills with a keen attention to detail.
- Ability to thrive in a fast-paced environment with competing priorities and deadlines.
- Ability to manage complex, cross-functional projects with internal and external stakeholders.

The salary range varies, and pay is based on several factors including but not limited to education, certifications (if applicable), candidate’s geographic region, job-related knowledge, skills and years of experience amongst other factors.

- $180,000 - $230,000 per year

Perks & Benefits at a Glance

- Generous time off:
  - 15 Days of Vacation
  - 3 Floating Holidays
  - 2 Paid Volunteer Days
  - 9 Paid Holidays
- Hybrid Work Environment
- Free Parking: covered and EV charging stations
- Various 401 (k) Investment Options and Generous Company Match
- HMO and PPO Medical Care Options

Applicants must be authorized to work for Laserfiche in the United States on a full-time basis without the need for employer sponsorship. We are unable to sponsor new employment visas, or take over sponsorship of existing employment visas, at this time.

About Us

Laserfiche is a global leader in intelligent document management and business process automation, dedicated to helping organizations drive digital transformation. Headquartered in Long Beach, California, Laserfiche empowers businesses of all sizes—from dynamic startups to Fortune 500 enterprises—to accelerate productivity, improve collaboration, and deliver exceptional customer experiences.

Through scalable workflows, customizable digital forms, and AI-powered automation, the Laserfiche platform enables teams to simplify complex processes and operate with greater efficiency. Our no-code solutions empower employees to innovate, adapt quickly, and make data-driven decisions that move their organizations forward.

With a strong global presence and offices across North America, Europe, and Asia, Laserfiche is recognized for its commitment to innovation, quality, and customer success. Our people-first culture fosters professional growth, continuous learning, and collaboration—making Laserfiche a place where talented individuals can shape the future of digital enterprise technology.

Learn more about our team here (https://laserfiche1.wistia.com/medias/xelunw23au).

Laserfiche (https://www.laserfiche.com/) complies with all Equal Opportunity and Affirmative Action regulations. Laserfiche makes all employment decisions – such as recruiting, hiring, training, promotion, compensation, professional development practices, discipline and termination – without regard to race, religion, color, national origin, ancestry, citizenship, sex, pregnancy, age, creed, physical or mental disability, medical condition, genetic characteristic, marital status, veteran status, gender identity/expression, sexual orientation or any other characteristic protected by law, except as may be permitted by law.

Laserfiche provides reasonable accommodations for applicants with disabilities upon request. For more information, please contact Talent Acquisition at https://www.laserfiche.com/contact/ or 562-988-1688.

Pursuant to the California Fair Chance Act, Los Angeles County Fair Chance Ordinance for Employers, and the Los Angeles Fair Chance Initiative for Hiring Ordinance, we will consider for employment qualified applicants with arrest and conviction records. Criminal history may have a direct, adverse, and negative relationship with some of the material job duties of this position. These include the duties and responsibilities listed above, as well as the abilities to adhere to company policies, exercise sound judgment, effectively manage stress and work safely and respectfully with others, exhibit trustworthiness, meet client expectations, standards, and accompanying requirements, and safeguard business operations and company reputation.

Benefits

Health Insurance

HMO and PPO Medical Care Options

401(k) options and company match

Various 401 (k) Investment Options and Generous Company Match

Paid Time Off

9 Paid Holidays

Remote-Friendly

Hybrid Work Environment

Laserfiche builds powerful solutions for intelligent document management and business process automation, helping organizations enhance productivity and streamline operations. Its platform caters to a diverse customer base, from startups to large enterprises, and distinguishes itself with no-code solutions that enable users to innovate and adapt quickly. By incorporating AI-powered automation and customizable workflows, Laserfiche simplifies complex processes, allowing teams to focus on delivering exceptional results.

Salary
$180,000 – $230,000 per year