O
Posted 14 hours ago
GRC Leader
Observe.AIGRC Leader
Perks & benefits
Medical Insurance
Requirements
9+ years GRC experience, 3+ years external audit management, SOC 2, PCI DSS, ISO 27001, HITRUST experience, SaaS industry experience, GRC automation tool proficiency
Skills
GRCSOC 2ISO 27001
About the role
Responsibilities
- Own the end-to-end lifecycle for all external audits including SOC 2 Type II, PCI DSS Level 1, ISO 27001, HITRUST r2, HIPAA, and GDPR/CCPA
- Serve as the primary point of contact for external auditors and certification bodies
- Coordinate internal stakeholders across Engineering, DevOps, Legal, HR, and Finance to gather audit evidence
- Develop and document the GRC strategy, compliance roadmap, and multi-framework control library
- Design and implement a scalable GRC program using automation tools like Vanta or Drata
- Lead enterprise risk assessments and maintain the risk register
- Assess third-party and vendor risk, including managing sub-processor inventory and DPAs
- Respond to customer security questionnaires and support Sales in compliance-related deal cycles
- Manage and maintain the company Trust Center
Requirements
- 9+ years of experience in GRC, information security compliance, or audit roles
- At least 3 years of experience directly managing external audits
- Hands-on experience leading SOC 2 Type II, PCI DSS, ISO 27001, and HITRUST audits
- Deep knowledge of control frameworks such as NIST CSF, CIS Controls, and ISO 27001
- Experience at a SaaS product company processing sensitive customer data
- Proficiency with GRC automation platforms like Vanta, Drata, or OneTrust
- Strong project management skills for running concurrent audit programs
- Experience drafting and negotiating DPAs, BAAs, and security addenda
- Excellent written and verbal communication skills
Preferred Qualifications
- Relevant certifications such as CISA, CISSP, CISM, CRISC, or ISO 27001 Lead Auditor
- Experience in fintech or healthcare-adjacent industries
Benefits
- Excellent medical insurance options and free online doctor consultations
- Yearly privilege and sick leaves
- Generous holidays and parental leave policies
- Learning & Development fund for professional development
- Flexible benefit plans for tax exemptions
About the Company
Observe.AI is the AI Agents platform for customer experience, designed to help organizations deliver faster, smarter, and more efficient customer service at scale.
ScoutJobs Agent
Get matches like this delivered daily
Sign up free — we'll pull jobs that fit your CV from across the web and rank them for you.
Get started — it's freeGRC Leader
Observe.AI · Bengaluru
