Jobandtalent
HQ - GRC Lead
TLDR
Own and lead the Governance, Risk, and Compliance strategy, ensuring compliance with SOX, ISO 27001, and GDPR while collaborating cross-functionally with multiple teams.
We are looking for a GRC Lead to own and scale our Governance, Risk, and Compliance function within a fast-growing product company. This is a key role responsible for ensuring compliance with SOX, ISO 27001, and GDPR, while enabling the business to move fast in a secure and controlled way.
You will act as the main driver of our compliance strategy, working cross-functionally with Engineering, Security, Legal, Finance, and Product teams.
What you will do
- Own and lead the company’s GRC strategy across SOX, ISO 27001, and GDPR
- Design, implement, and maintain SOX control frameworks, including documentation, testing, and audit readiness
- Build and manage the Information Security Management System (ISMS) aligned with ISO 27001
- Ensure GDPR compliance across all data processing activities, including data mapping, DPIAs, and privacy controls
- Lead internal and external audits, acting as the primary point of contact for auditors
- Identify compliance gaps and drive remediation plans with technical and non-technical teams
- Develop governance policies, procedures, and risk management frameworks
- Partner closely with Engineering and Security teams to embed controls into systems and SDLC processes
- Monitor regulatory and compliance changes and translate them into actionable requirements
Requirements
- 8+ years of experience in GRC, Risk, Compliance, or IT Audit roles
- Strong hands-on experience with SOX compliance programs (design, testing, audit coordination)
- Solid knowledge of ISO 27001 and experience managing or supporting ISMS implementation
- Practical experience with GDPR in a product or corporate environment
- Experience working with internal and external auditors
- Strong stakeholder management and communication skills across technical and non-technical teams
- Ability to translate regulatory requirements into scalable business processes
- Fluent English
Nice to have
- Experience in SaaS or product-led companies
- Experience in Big 4 (Deloitte, EY, PwC, KPMG) or similar audit environments
- Familiarity with cloud environments (AWS, GCP, Azure)
- Security certifications (CISA, CISM, ISO 27001 Lead Implementer/Auditor)
Job&Talent is an AI-powered workforce management platform that transforms how temporary labor is sourced and managed, particularly for frontline industries. We connect skilled workers with leading employers, driving productivity and efficiency while empowering employees to work on their own terms. Our innovative technology enhances transparency and accessibility in the hiring process, making us a key player in the global employment landscape.
- Founded: 2009
- Employees: 201-500
- Industry: Internet Software & Services
- Total raised: $510M