Jobs · Information Technology · Colorado

Senior Security GRC Lead

Gong · Austin, CO · 3 wk ago
Information Technology$121k–$185k/yrFull-time

About the role

Gong harnesses the power of AI to transform how revenue teams win. The Senior GRC Security Lead will design and implement Gong’s Common Controls Framework, establish risk processes, and own the policy lifecycle.

Responsibilities

  • Design and implement Gong’s Common Controls Framework, mapping controls across various frameworks.
  • Rationalize overlapping requirements across frameworks to reduce compliance burden.
  • Partner with Engineering, Infrastructure, and Product Security to embed controls at the architecture level.
  • Build Gong’s product & enterprise risk register, including risk taxonomy, scoring methodology, and ownership models.
  • Implement a GRC platform and system of record, creating executive level dashboards for risk and control remediation.
  • Create and maintain risk treatment plans, tracking remediation milestones and escalating blockers.
  • Develop executive-level risk reporting cadences and dashboards for the Head of GRC and senior leadership.
  • Own the complete lifecycle of Gong’s information security policy suite, ensuring alignment with regulatory requirements and evolving technology.
  • Drive policy adoption through clear communication, training support, and cross-functional partnership.
  • Liaise with external auditors and certification bodies for SOC 2, ISO, and other certifications.

Qualifications

  • 7+ years of progressive experience in GRC, Information Security, or a closely related function.
  • Deep expertise across multiple compliance and security frameworks, including SOC 2 Type II, ISO 27001, NIST CSF, and at least one regulatory framework (GDPR, CCPA, HIPAA, or equivalent).
  • Experience creating and implementing GRC Record of Truth/Tooling.
  • Strong policy and standards writing ability.
  • Experience conducting and managing product & enterprise risk assessments.
  • Proven ability to manage and communicate with senior stakeholders.
  • Bachelor’s degree in Information Security, Computer Science, Business, or a related field; equivalent practical experience considered.
  • Relevant certifications preferred: CISSP, CISM, CRISC, CISA, CCSP, or comparable credentials.

Similar jobs

Senior Security GRC Lead

GongNew York, NY· 3 wk ago
Information Technology$121k–$185k/yrapply on job-boards.greenhouse.io

Senior Security GRC Lead

GongChicago, IL· 3 wk ago
Information Technology$121k–$185k/yrapply on job-boards.greenhouse.io

Senior Security GRC Lead

GongSalt Lake City, UT· 3 wk ago
Information Technology$121k–$185k/yrapply on job-boards.greenhouse.io

Senior Security GRC Lead

GongSan Francisco, CA· 3 wk ago
Information Technology$121k–$185k/yrapply on job-boards.greenhouse.io

Senior GRC Lead

BrexSeattle, WA· 1 wk ago
Information Technology$154k–$192k/yrapply on brex.com

Senior GRC Lead

BrexSan Francisco, CA· 1 wk ago
Information Technology$154k–$192k/yrapply on brex.com