P
Posted 5 hours ago
Director, GRC & Privacy Security
PolymarketDirector, GRC & Privacy Security
Perks & benefits
Education AllowanceHealth InsuranceHousing AllowancePaid Leave
Requirements
8+ years GRC experience, 3+ years management experience, SOC 2 Type II expertise, PCI-DSS v4.0 knowledge, GDPR and CCPA knowledge
Skills
ComplianceAuditCybersecurityrisk managementSecurity+Cloud SecuritySIEMIAMDevSecOpsCloudData managementData governanceRisk assessmentKYC
About the role
About the Company
Polymarket is the world's largest prediction market platform. We enable individuals to express views on real-world events by trading on outcomes across politics, economics, sports, culture, and current affairs.
Responsibilities
- Build and own the enterprise security risk management program, including risk register and scoring methodology
- Establish and maintain the security control framework mapping to SOC 2, PCI-DSS, and CIS Controls
- Drive security policy development and lifecycle management
- Lead the company's security committee and governance forums
- Own the end-to-end compliance program for SOC 2 Type II and PCI-DSS
- Build continuous audit readiness and automate compliance evidence collection
- Manage relationships with external auditors, certification bodies, and regulators
- Own the third-party risk management program and vendor security assessments
- Oversee the data privacy program in partnership with Legal (GDPR, CCPA)
- Ensure privacy-by-design is embedded in the product development process
- Manage data subject rights and privacy incident response
Requirements
- 8+ years of experience in GRC or information security compliance
- 3+ years in a management or program leadership role
- Deep, hands-on experience with SOC 2 Type II audit cycles
- Strong working knowledge of PCI-DSS v4.0
- Experience managing compliance across multiple legal entities or subsidiaries
- Proven experience building or maturing a GRC program from scratch
- Working knowledge of GDPR and CCPA
- Ability to communicate risk to technical teams and executive leadership
Preferred Qualifications
- Experience in fintech, payments, cryptocurrency, or financial services
- Professional certifications such as CISM, CRISC, CISSP, CIPP/E, or CIPP/US
- Exposure to ISO 27001, CIS, or NIST CSF
- Experience with GRC platforms like Vanta, Drata, or ServiceNow GRC
- Familiarity with AWS cloud environments
Benefits
- Competitive salary & equity
- Unlimited PTO
- Full Health, Vision, & Dental coverage
- 401k match
- Hardware setup: new MacBook Pro, big display, & accessories
ScoutJobs Agent
Get matches like this delivered daily
Sign up free — we'll pull jobs that fit your CV from across the web and rank them for you.
Get started — it's freeDirector, GRC & Privacy Security
Polymarket · New York
