Manager, Security Governance Risk & Compliance
$112.87k - $169.31kCommerce
Welcome to the Agentic Commerce Era At Commerce, our mission is to empower businesses to innovate, grow, and thrive with our open, AI-driven commerce ecosystem. As the parent company of BigCommerce, Feedonomics, and Makeswift, we connect the tools and systems that power growth, enabling businesses to unlock the full potential of their data, deliver seamless and personalized experiences across every channel, and adapt swiftly to an ever-changing market. We believe in harnessing AI responsibly to unlock new possibilities, and we’re looking for individuals who use it intentionally to solve problems, accelerate outcomes, and expand what’s possible in their role. Our purpose is to help businesses confidently solve complex commerce challenges so they can build smarter, adapt faster, and grow on their own terms. If you want to be part of a team of bold builders, sharp thinkers, and technical trailblazers who shape the future of commerce, this is the place for you. As a Manager of Security GRC, you will lead our compliance programs and serve as the strategic owner of our audit portfolio at Commerce. You will oversee our most critical certification and regulatory programs — including PCI DSS, SOC 2, ISO 27001, and other security audits — ensuring compliance is embedded into our "business as usual" (BAU) operations and that our control environment is continuously audit-ready across Commerce, Feedonomics, and Makeswift. You will serve as the organizational bridge between Engineering, Infrastructure, Legal, Privacy, and external auditors, translating complex regulatory requirements into clear, executable programs. A core part of this role is working directly with control owners across all business units to ensure they understand their obligations, maintain evidence, and operate within the control framework. This role reports into our GRC function and leads a team of analysts responsible for audit success and control framework integrity. What You'll Do: Audit Ownership: Own the end-to-end lifecycle of Commerce's core audit programs — PCI DSS 4.0, SOC 2 Type 2, ISO 27001, and SOX — across Commerce, Feedonomics, and Makeswift, including scoping, evidence strategy, auditor management, and final report outcomes. Control Owner Engagement: Partner with control owners across all three business units to ensure they understand their compliance obligations, maintain audit-ready evidence, and operate effectively within the BC Secure Controls Framework on an ongoing basis. External Auditor Relationships: Serve as the primary point of contact for QSAs, external auditors, and certification bodies. Defend the control environment, manage audit timelines, and minimize disruption to technical teams. Continuous Audit Readiness: Drive the operationalization of audit requirements into BAU workflows across all business units, reducing reliance on point-in-time evidence collection and eliminating audit fatigue organization-wide. Findings & Remediation: Own the tracking and closure of audit findings and control gaps across Commerce, Feedonomics, and Makeswift. Partner with control owners to deliver pragmatic, risk-informed remediation plans within defined timelines. PCI 4.0 Evolution: Direct the ongoing maturity of Commerce's PCI DSS 4.0 program, including Targeted Risk Analyses (TRAs), customized approach applicability, and annual assessment planning. Scoping & Segmentation: Partner with Cloud Engineering to validate and maintain PCI scope across Commerce's global footprint, ensuring effective network segmentation and data flow isolation. ISA Oversight: Manage and support ISA-designated personnel; ensure the ISA function operates with rigor and consistency aligned to PCI Council standards. Integrated Controls Framework: Oversee Commerce's Secure Controls Framework (SCF), built from NIST, ISO 27001, and PCI DSS, ensuring controls are designed, tested, and documented to satisfy multiple regulatory obligations simultaneously across all business units. Compliance by Design: Provide GRC leadership on architectural reviews, product launches, and infrastructure changes across Commerce, Feedonomics, and Makeswift to ensure regulatory requirements are addressed upstream — not as an afterthought. Regulatory Intelligence: Stay ahead of emerging requirements across PCI, SOC, and ISO 27001:2022, translating regulatory changes into actionable program updates. Who You Are: Experience: 6–10 years in Information Security, IT Audit, or GRC, with demonstrated ownership of enterprise-level audit programs (PCI, SOC 2, ISO 27001, or SOX). Audit Fluency: Proven track record managing Level 1 Service Provider assessments and navigating complex, multi-framework audit environments spanning multiple business units or legal entities. Control Owner Partnership: Demonstrated ability to work cross-functionally with control owners and operational teams, holding stakeholders accountable to their compliance obligations while maintaining strong working relationships. Regulatory Expertise: Deep working knowledge of PCI DSS 4.0, ISO 27001:2022, SOC 2 Trust Service Criteria, and SOX IT general controls. Leadership Presence: Ability to influence and manage cross-functional stakeholders at all levels — from engineers to executives — with clarity, diplomacy, and conviction. Communication: Skilled at translating compliance requirements into business-relevant language that drives enablement rather than friction. Certification: PCI ISA, CISA, CISSP, or equivalent audit/security certification strongly preferred. Big 4 Experience: Prior experience at a Big 4 advisory or audit firm (Deloitte, PwC, EY, KPMG) in an IT audit, risk advisory, or security compliance capacity is a strong plus. Cloud Security: Experience applying GRC frameworks in cloud-native environments and familiarity with modern cloud security tooling. You lead with the "Why": You build compliance programs that improve security posture — not just check boxes. Your teams and control owners understand the intent behind every requirement. Strategically Grounded, Technically Fluent: You can hold your own in a conversation about IAM policies or network segmentation, and you can turn that same conversation into an executive briefing. Multi-Entity Mindset: You are comfortable operating across distinct business units with different tech stacks, cultures, and maturity levels — bringing consistency to the control framework without losing sight of context. Calm Under Audit Pressure: You thrive in high-stakes audit cycles and know how to keep teams focused, organized, and confident when external scrutiny is highest. (US Pay Transparency Range: $112,870.00 - $169,306.00) #LI-RA1 Inclusion and Belonging At Commerce, we believe that celebrating the unique histories, perspectives and abilities of every employee makes a difference for our company, our customers and our community. We are an equal opportunity employer and the inclusive atmosphere we build together will make room for every person to contribute, grow and thrive. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the interview process, to perform essential job functions and to receive other benefits and privileges of employment. If you need an accommodation in order to interview at Commerce, please let us know during any of your interactions with our recruiting team. Learn more about the Commerce team, culture and benefits at Protect Yourself Against Hiring Scams: Our Corporate Disclaimer Commerce, along with many other employers, has become the subject of fraudulent job offers to hopeful prospective job seekers. Be advised: Commerce does not offer jobs to individuals who do not go through our formal hiring process. Commerce will never: require payment of recruitment fees from candidates; request personally identifiable information through unsanctioned websites or applications; attempt to solicit money from you as part of the hiring process or as part of an employment offer; solicit money to complete visa requirements as part of a job offer. If you receive unsolicited offers of employment from Commerce, we urge you to be extremely cautious and avoid engaging or responding. The Commerce story is one of global growth, incredible talent, and unstoppable passion in all we do. Despite our huge success so far, we’re still just getting started! Explore our history, mission and values. You’ll see we’re set on shaping the now - and the future - of ecommerce. Don’'t Miss Out! Like what you see but suffering from some serious FOMO? Join our Commerce Talent Community, and plug in to our latest news and career opportunities. We’re a group of clever, committed, curious people, unleashing talent in all we do. We believe in the power of togetherness, striving at the edge of what’s possible, impacting the lives of billions of people for the better. In all we do, We Do Extraordinary–and that’s no small feat! Our people are our power. It’s only through dedication, collaboration, and inspiration that we can Do Extraordinary. We’re natural problem-solvers, champions of empowering businesses, and hungry learners… but we also play nerf wars in the office, support each other, and hang out outside of work.
- ...and more. About the Role LS Power Grid is seeking an Manager of OT Security & Compliance to lead two closely aligned teams within our... ...and maintaining our core security tooling, and the OT Governance, Risk & Compliance (GRC) team, responsible for the policy framework...Suggested
$163k - $237k
...experience. 5 years of experience in technical product management, including experience taking software products... ...corporate/enterprise environment. Experience working in Risk Management, Compliance, Security, or Governance (GRC) technology. Ability to use data to justify...SuggestedFull time$161.5k - $190k
...for starting up new sites and managing client operational expectations, ensuring compliance to contract deliverables. This... ...operational readiness, identifying risks, and ensuring compliance with... ...sustainability, and cost optimization. Governance, Risk & Compliance Ensure...SuggestedContract workLocal areaFlexible hours- ...the leader in Database Change Governance and Database DevOps. We help... ...strengthening governance, security, compliance, auditability, and control across... ...for a Senior Product Manager to help advance Liquibase's... ...regulatory compliance, security, and risk evaluation . This is a...SuggestedRemote jobHome officeFlexible hours
$118.4k
...leadership for the data governance team in support of... ...software development management for IT projects. Creates... ...Advise clients on options, risks, cost vs benefit,... ...functional areas. Ensure compliance with corporate... ...Procedures as well as all data security guidelines established...SuggestedTemporary workFor contractorsWork at officeLocal area$198k - $368k
...KPMG is currently seeking a Director, Security Compliance to join our Digital Security team. Responsibilities... ...specialist-level knowledge of risk, compliance, and information security... ...and challenging the status quo; manage and review those team members' work product...Temporary workH1bLocal area$112k - $128k
...PIMCO Manager Position PIMCO is a global leader... ...investors who seek strong risk-adjusted returns.... ...Manager to join our Fund Governance team. This team plays... ...stakeholders across Legal & Compliance, Account Management,... ...Company Act of 1940, Securities Act of 1933, Form N‑1A...Contract workWork at officeFlexible hours$130k - $140k
...Job Description Role: Manager, Security Operations Location: United States... ...for the operational delivery, governance, and assurance of... ...reviews, vulnerability and risk tracking. Ensure consistent,... ...working with Legal, Privacy, or Compliance teams during security incidents...Full time$135k - $168k
...Collateralized Loan Obligation (CLO) Operations Manager PIMCO is a global leader in active... ...financing and investors who seek strong risk-adjusted returns. Since 1971, our... ..., including portfolio managers, risk and compliance, and service providers, requiring a deep...Work at officeFlexible hoursShift work$30 - $35 per hour
...training is complete. Location: Austin, TX Responsibilities Manage resource planning, monitor workflows, oversee day-to-day... ...improve the company experience. Maintain a controlled risk environment and ensure compliance with business Professional Standards and Operation team...Hourly payContract workWork experience placementWork at officeRemote work$90k
...part of one of the largest and fastest-growing privately held security companies in the U.S! Since 1998, Sunstates Security has built... ...members are provided with the tools, knowledge, and hands-on management support necessary for long-term success. Our commitment to...Full timeContract workTemporary workLocal areaImmediate startAll shiftsWeekend workDay shift$184.5k - $276.7k
Manager, Data Center Portfolio & Capacity Strategy Sony Interactive... ..., capacity, performance, and governance of SIE's global portfolio of... ...resilience, cost‑efficiency, and compliance. The role requires strong... ...service levels and mitigate risks. Governance & Reporting - Establish...Contract workTemporary workWorldwide- Technical Program Manager, Marketing Data Governance Reports to: Senior Manager, Information Architecture Locations Austin, Texas, United States of America Vancouver, British Columbia, Canada Montreal, Quebec, Canada Studio / Department Marketing Work Model Hybrid...Full timeLocal area
$185k - $237.5k
...company is seeking a Principal Product Operations and Risk Analyst in Austin, Texas. This role entails managing the Product Risk function, collaborating with... ...teams to assess and mitigate risks, and ensuring compliance with regulatory standards. Candidates should have...- K&L Gates LLP is looking for an AI Program Manager to lead critical technology initiatives in Austin, TX. This role involves managing vendor relationships, translating business goals into actionable plans, and driving AI objectives throughout the organization. Applicants...
$58.1k - $95.9k
A leading IT service provider in Austin is looking for a Change Management Engineer to design and govern ITIL-aligned change processes in a federal IT environment. This role involves evaluating change requests, collaborating with stakeholders to minimize service disruptions...$132.23k - $176.31k
...ecosystem. We enable secure, high‑performance connectivity... ...for enterprises, governments, and communities.... ...The Role The Senior Manager, Security and Enablement... ...everything we build—balancing risk, speed, and outcomes... ..., policy and compliance. Evaluate security...Temporary workRemote work$200k - $250k
...on options processing and OCC operations, regulatory compliance, and operational risk management across multiple asset classes. Responsibilities Strategy... ...methodology and risk calculations. Deep knowledge of securities settlement and clearance (DTC, NSCC, Fedwire, OCC)...Work experience placementWork at officeWork from home3 days per week$99k - $232k
...member’s unique strengths, and managing performance to deliver on... ...Opportunity As part of the Data Governance team, you will lead the... ...'s methodologies and confirm compliance with standards - Identify areas... ...thoughtfully to establish a secure and trusted workplace for all...Full timeH1b$192k - $279k
Staff Technical Program Manager, Data Center Data Security Google Austin, TX, USA; Atlanta, GA, USA X Note... ...stakeholders to plan requirements, identify risks, manage project schedules, and... ...our security posture, ensure compliance, and manage risk. You will be responsible...$100k - $150k
...heard your next great opportunity is just a few clicks away! Security Systems Sales Representative The Security Systems Sales... ...growth role responsible for supporting Global Strategic Account Management (GSAM) efforts while driving revenue growth in integrated security...Contract workFor contractors- A leading security firm located in Austin, Texas, is seeking a Contract Manager responsible for managing all contract-related operations and ensuring compliance across security services. The ideal candidate will have a minimum of five years of experience in project management...Contract work
- ...Prometheus Security Group Global (PSG) seeks a Project Manager for their Austin, Texas office. The ideal candidate will manage large-scale electronic security projects, ensuring they meet deadlines and quality standards. Key responsibilities include project planning, budget...Work at office
$25 - $28 per hour
...and South America. The Product Operations Specialist, Risk is responsible for the day‑to‑day risk and fraud operations... ...for risk events, escalating to Business Credit Risk, Compliance, or Tech as needed Manage a high volume of cases accurately and within established...Hourly pay- Rapid Fire Safety & Security LLC is looking for a Service Manager in Austin, Texas. The Service Manager will manage service and support staff to ensure... ...while maintaining a focus on customer satisfaction and compliance with safety regulations. The ideal candidate will...
- Position Overview A Project Manager at Pref-Tech will be responsible... ...Pref-Tech meet all project compliance requirements: Certificates of... ...written formats. Mitigate risks and problems and resolve any... ...requirements. Obtain and maintain a security license through the Texas...Contract workFor contractorsFor subcontractorWork at officeMonday to FridayNight shift
- DoorDash is seeking a Sr. Associate Project Manager in Austin, Texas to lead projects related to physical security technology. You will work with cross-functional teams to ensure projects are delivered on time and within budget while traveling 25%+. The ideal candidate...
$55 - $60 per hour
...Database Administrator for a contract role based in Austin, TX. The ideal candidate will have 6-8 years of experience managing MongoDB databases in secure environments. Responsibilities include designing and configuring database systems, implementing security protocols,...Hourly payContract work- Ouro, based in Austin, Texas, is seeking a manager for their Risk Data Analytics team. The role focuses on building visualizations, monitoring KPIs, and conducting data analysis to optimize product performance and reduce risks. Additionally, you will lead a team of analysts...
$86k - $117k
A leading building technology firm in Austin is seeking a Field Project Manager for their Fire division. The role involves managing complex fire alarm and security installation projects across various sectors. Candidates should have a high school diploma, relevant certifications...
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Manager, Security Governance Risk & Compliance. Be the first to apply!
- corporate security manager Austin, TX
- security project manager Austin, TX
- security systems manager Austin, TX
- security manager Austin, TX
- program manager with security clearance Austin, TX
- director information security Austin, TX
- director global security Austin, TX
- senior director information security Austin, TX
- surveillance manager Austin, TX
- senior security manager Austin, TX

