Jobs · Management

Member of GRC Staff

Runway · United States · 3 wk ago
RemoteRemoteManagementFull-time

About the role

We are building AI to simulate the world through merging art and science. This role combines traditional information security compliance with the unique challenges of ensuring safe and responsible AI system development.

Responsibilities

  • Design and implement a comprehensive GRC framework that addresses both traditional security controls and novel AI safety considerations
  • Lead engagements with external auditors and assessors to obtain and maintain critical security certifications (SOC 2, ISO 27001/27701/42001, FedRAMP, etc.)
  • Own and help fulfill GDPR data subject requests, including access (DSARs) and erasure/deletion requests that involve coordinating with Legal, Support, and engineering on data sourcing and response workflows
  • Review and redline the security and data protection terms of customer and vendor contracts (TOMs, DPAs, MSAs) in partnership with Legal
  • Partner with AI research teams to develop and implement appropriate safeguards and controls for machine learning systems
  • Create and maintain security policies, standards, and procedures that balance innovation with appropriate risk management
  • Maintain AI governance documentation and internal AI usage guidelines, monitoring changes from model and AI tool providers (e.g., retention and data-use terms) and reconciling them into company policy
  • Develop and oversee security awareness and training programs across the organization
  • Drive continuous improvement of security controls and risk management processes
  • Serve as a key advisor to leadership on security, privacy, and AI safety matters
  • Manage relationships with customers, auditors, and other external stakeholders

Requirements

7+ years of experience in information security, risk management, or compliance roles

Deep understanding of security frameworks and standards (NIST, ISO 27001, SOC 2)

Hands-on experience running SOC 2 Type II and ISO 27001 audits

Experience building compliance programs in fast-paced technology environments

Strong knowledge of privacy regulations and requirements (GDPR, CCPA) including operational experience handling data subject access and deletion requests

Experience completing customer security questionnaires and supporting Sales on security due diligence

Excellent communication skills with ability to effectively engage technical and non-technical stakeholders

Experience with cloud security and modern development practices

Understanding of machine learning concepts and AI development workflows

Qualifications

Preferred Qualifications:

  • Experience in AI/ML company or research organization
  • Experience with AI safety and ethics frameworks
  • Background in implementing automated security controls

Similar jobs

Service team member

Michaels StoresRedondo Beach, CA· 1 wk ago
Business Development$16.9–$19.7/hrapply on careers.michaels.com

service team member

Michaels StoresPalmdale, CA· 3 mo ago
Business Development$17.25–$20.3/hrapply on careers.michaels.com

Service Team Member

Michaels StoresFort Lauderdale, FL· 2 wk ago
Business Developmentapply on careers.michaels.com

Service Team Member

Michaels StoresColumbus, GA· 2 mo ago
Business Developmentapply on careers.michaels.com

Service Team Member

Michaels StoresDelray Beach, FL· 2 mo ago
Business Developmentapply on careers.michaels.com