Director, GRC & Privacy Security at Polymarket - ScoutJobs - The AI-curated global job board
Skip to content
P
Posted 5 hours ago

Director, GRC & Privacy Security

PolymarketDirector, GRC & Privacy Security

Perks & benefits

Education AllowanceHealth InsuranceHousing AllowancePaid Leave

Requirements

8+ years GRC experience, 3+ years management experience, SOC 2 Type II expertise, PCI-DSS v4.0 knowledge, GDPR and CCPA knowledge

Skills

ComplianceAuditCybersecurityrisk managementSecurity+Cloud SecuritySIEMIAMDevSecOpsCloudData managementData governanceRisk assessmentKYC

About the role

About the Company

Polymarket is the world's largest prediction market platform. We enable individuals to express views on real-world events by trading on outcomes across politics, economics, sports, culture, and current affairs.

Responsibilities

  • Build and own the enterprise security risk management program, including risk register and scoring methodology
  • Establish and maintain the security control framework mapping to SOC 2, PCI-DSS, and CIS Controls
  • Drive security policy development and lifecycle management
  • Lead the company's security committee and governance forums
  • Own the end-to-end compliance program for SOC 2 Type II and PCI-DSS
  • Build continuous audit readiness and automate compliance evidence collection
  • Manage relationships with external auditors, certification bodies, and regulators
  • Own the third-party risk management program and vendor security assessments
  • Oversee the data privacy program in partnership with Legal (GDPR, CCPA)
  • Ensure privacy-by-design is embedded in the product development process
  • Manage data subject rights and privacy incident response

Requirements

  • 8+ years of experience in GRC or information security compliance
  • 3+ years in a management or program leadership role
  • Deep, hands-on experience with SOC 2 Type II audit cycles
  • Strong working knowledge of PCI-DSS v4.0
  • Experience managing compliance across multiple legal entities or subsidiaries
  • Proven experience building or maturing a GRC program from scratch
  • Working knowledge of GDPR and CCPA
  • Ability to communicate risk to technical teams and executive leadership

Preferred Qualifications

  • Experience in fintech, payments, cryptocurrency, or financial services
  • Professional certifications such as CISM, CRISC, CISSP, CIPP/E, or CIPP/US
  • Exposure to ISO 27001, CIS, or NIST CSF
  • Experience with GRC platforms like Vanta, Drata, or ServiceNow GRC
  • Familiarity with AWS cloud environments

Benefits

  • Competitive salary & equity
  • Unlimited PTO
  • Full Health, Vision, & Dental coverage
  • 401k match
  • Hardware setup: new MacBook Pro, big display, & accessories
ScoutJobs Agent

Get matches like this delivered daily

Sign up free — we'll pull jobs that fit your CV from across the web and rank them for you.

Get started — it's free

Director, GRC & Privacy Security

Polymarket · New York

Sign up to apply