Cybersecurity Manager - GRC at Playlist - ScoutJobs - The AI-curated global job board
Playlist
Posted a day ago

Cybersecurity Manager - GRC


Requirements

7+ years Information Security GRC or Audit experience, 2+ years direct people management, Hands-on SOC 1 Type II ownership, Experience with ISO 27001, HITRUST, or NIST CSF, Third-party risk management workflow ownership, Compliance automation platform experience

Skills

GRC, Compliance, ISO 27001, NIST CSF, SOX

About the role

Responsibilities

  • Manage and develop a team of 3–5 GRC team members, including setting OKRs, conducting 1:1s, and coaching on technical depth and stakeholder management.
  • Own the end-to-end third-party risk management (TPRM) workflow, including vendor intake, risk tiering, due diligence, and ongoing monitoring.
  • Lead the compliance program portfolio across SOC 1 Type II, ISO 27001, HITRUST, NIST CSF/800-53, and IT SOX.
  • Serve as the primary point of contact for external auditors and assessors, managing timelines and the remediation of findings.
  • Drive the evolution of the compliance automation platform to automate high-volume evidence collection and scale with the business.
  • Partner with Legal, Security Engineering, Product, and Finance to integrate compliance and risk management into product and infrastructure decisions.

Requirements

  • 7+ years of progressive Information Security GRC, Compliance, or Audit experience.
  • 2+ years of direct people management experience.
  • Hands-on program ownership of SOC 1 Type II (required).
  • Working depth in at least two of the following: ISO 27001, HITRUST, NIST CSF/800-53, or IT SOX.
  • Demonstrated experience owning a third-party risk management workflow at scale.
  • Hands-on experience with compliance automation platforms (e.g., Drata, Vanta, Hyperproof, Secureframe, or Optro).
  • Strong project management skills with the ability to manage multiple audits and integration workstreams in parallel.

Preferred Qualifications

  • Experience integrating acquired companies into existing compliance programs and harmonizing controls.
  • Background working in a multi-brand or SaaS/consumer-marketplace environment.
  • Relevant certifications such as CISA, CIPP/US, CIPP/E, ISO 27001 Lead Implementer/Auditor, or PCI ISA.
  • Technical literacy in security engineering to partner effectively on control design.

About the Company

Playlist is building the definitive platform for intentional living, connecting people with inspiring experiences in fitness, wellness, and beyond. Through popular brands like Mindbody and ClassPass, we empower businesses and individuals to make aspirations into actions. Our GRC team operates at the intersection of Security, Legal, Engineering, and Finance to build scalable, durable compliance programs across a complex, multi-brand environment.


Playlist · United States
