Risk and Compliance Lead

Responsibilities

• Own and mature the security GRC program, including policy lifecycle management and risk register maintenance
• Conduct comprehensive enterprise and product-level risk assessments to identify and track risks
• Lead and manage compliance efforts for SOC 2, ISO 27001, ISO 9001, TISAX, and federal/defense requirements
• Drive the Third Party Risk Management (TPRM) program, including vendor assessments and contract security reviews
• Build and maintain GRC program infrastructure, including compliance tooling and executive-level reporting
• Partner with Legal, Engineering, IT, and Operations to embed compliance requirements into business processes
• Support customer-facing security assurance activities such as questionnaires and audits

Requirements

• 6+ years of experience in security GRC, risk management, or compliance program ownership
• Hands-on experience running Enterprise Risk Assessments and managing risk registers
• Deep experience managing SOC 2, ISO 27001, and TISAX audits end-to-end
• Proven experience running Third Party Risk Management programs
• Proficiency with GRC tooling such as Vanta, Drata, OneTrust, or similar platforms
• Strong communication skills with the ability to present risk posture to executive leadership

Preferred Qualifications

• Experience with automotive security and safety compliance frameworks (e.g., ISO 21434, ISO 26262)
• Relevant professional certifications such as CISSP

About the Company

Applied Intuition is powering the future of physical AI. Founded in 2017, the company is creating the digital infrastructure needed to bring intelligence to every moving machine on the planet, servicing the automotive, defense, trucking, construction, mining, and agriculture industries.