Director, GRC, Engineering (Remote Eligible)

2 hours, 13 minutes ago
Full-time
Executive
DevOps and Infrastructure
Smartsheet

Smartsheet provides an enterprise work management platform that enables teams to efficiently manage projects, automate processes, and enhance collaboration through a user-friendly interface that combines spreadsheet functionality with advanced workflow...

Internet Software & Services
1K-5K
Founded 2005

Description

  • Build automation into GRC processes and deploy GRC-as-Code / Policy-as-Code where appropriate.
  • Incorporate AI into GRC workflows where appropriate.
  • Own and manage contract reviews for net-new deals and renewals in support of the revenue team.
  • Lead, build, and support the growth of a high-performing GRC team.
  • Maintain strong customer service for internal and external stakeholders, customers, and auditors.
  • Lead annual external audits, including SOC 2, ISO 27001, ISO 27701, FedRAMP, and other audits, serving as the primary point of contact for auditors.
  • Lead internal audits and readiness assessments.
  • Partner with procurement teams to manage vendor security reviews.
  • Manage cybersecurity policies, procedures, and standards.
  • Work closely with Product Security, Privacy, Engineering, and Product teams on security reviews and audit evidence collection.
  • Define and track KPIs and KRIs using engineering and cloud telemetry data to provide risk-based insights to leadership.
  • Define and execute the multi-year vision, strategy, and roadmap for the GRC Engineering function.
  • Mentor and coach team members while fostering a culture of continuous learning and professional growth.

Requirements

  • 5+ years of people leadership experience.
  • 10+ years of general GRC experience.
  • Strong experience reviewing and redlining contracts.
  • Ability to balance customer requirements with organizational risk in contracting decisions.
  • Strong negotiation skills for managing vendor and supply chain risks.
  • Proven ability to build business-centric third-party risk programs.
  • Deep knowledge of NIST 800-53.
  • Understanding of product development, SDLC, and CI/CD.
  • Deep knowledge of AWS and container architecture.
  • Familiarity with Terraform or CloudFormation for infrastructure configuration as code.
  • Experience integrating GRC processes with vulnerability management and security configuration tools.
  • Strong written and verbal communication skills with the ability to build consensus across dispersed teams.
  • Experience leading or supporting external audits such as SOC 2, ISO 27001, ISO 27701, or FedRAMP is preferred.
  • Experience managing budgets, vendor relationships, and resource allocation is preferred.

Benefits

  • Employer-subsidized medical, vision, and dental coverage for full-time employees.
  • 401(k) match: 50% of employee contributions up to the first 6% of eligible pay.
  • Monthly stipend to support work and productivity.
  • Flexible Time Away Program plus Sick Time Off.
  • Company-provided life insurance, short-term disability, and long-term disability coverage for US employees.
  • 12 paid holidays per year for US employees.
  • Up to 24 weeks of parental leave.
  • Personal paid Volunteer Day.
  • Professional growth and development opportunities, including access to Udemy online courses.
  • Company-funded perks including a counseling membership, local retail discounts, and a personal Smartsheet account.
  • Teleworking options from any registered location in the U.S. for role-specific positions.
  • Market-competitive incentive opportunity.
  • US base salary range of $235,000 to $315,000.


