Modal
21.04.2026
Security GRC Specialist
Full-time, New York
Responsibilities
- Own and operate compliance frameworks (e.g., SOC 2, ISO 27001, GDPR, etc.)
- Drive audits end-to-end: readiness, evidence collection, auditor coordination
- Continuously improve controls and reduce compliance overhead through automation
- Lead responses to customer security questionnaires, RFPs, and due diligence requests
- Partner with Sales and Customer Success to unblock deals and build trust
- Develop and maintain security documentation (trust center, whitepapers, FAQs)
- Work directly with engineering teams to design and implement practical security controls
- Translate compliance requirements into technical, scalable solutions
- Identify gaps and drive remediation projects
- Run risk assessments across systems, vendors, and processes
- Maintain policies and standards, but keep them lightweight and actionable
- Track and report on security posture and compliance status
- Improve how we manage compliance (evidence collection, control mapping, automation)
- Evaluate and implement GRC/security tools where appropriate
Requirements
- 3–7+ years in security GRC, compliance, or security engineering-adjacent roles
- Hands-on experience with frameworks like SOC 2, ISO 27001, or similar
- Experience supporting audits and customer-facing security conversations
- Comfortable working with engineers and understanding systems (cloud, infra, APIs, etc.)
- Ability to translate between compliance language and technical implementation
- Experience with modern cloud environments (AWS/GCP/Azure) is a strong plus
- Proactive and hands-on—you drive changes, not just track them
- Able to balance rigor with pragmatism in a fast-moving environment
- Strong communication skills, especially with customers and cross-functional teams
Conditions
- Fast-growing team based out of NYC, SF, and Stockholm
- Opportunities to grow within the company
- Compensation and benefits as per company policy