GRC Manager
$139.25k - $168.32kMattermost
Mattermost is the leading collaborative workflow platform for defense, intelligence, security, and critical infrastructure. Trusted by the U.S. Department of War and Fortune 500s, our platform runs on-premises and in private clouds, delivering secure messaging, file sharing, workflow automation, audio/screenshare, and project management—all with full data and operational control. Mattermost powers high-stakes workflows across mission planning, real-time, real-world operations, DevSecOps, incident response, and cyber defense—enabling secure collaboration from tactical edge and DDIL environments to enterprise HQ. Teams operate across web, desktop, and mobile, with embedded interoperability for Microsoft Teams, Outlook, and Microsoft 365. To learn more, visit Mattermost is hiring a GRC Manager to own and modernize our governance, risk, and compliance program across both federal and commercial markets. This is a program-ownership role for someone who brings a modern, engineering-led approach to compliance — harnessing GRC engineering and AI to reduce manual effort and scale our programs. You will own Mattermost's compliance posture end to end, accountable for our federal readiness and commercial certifications, and you will modernize how we run them: automated, continuously monitored, and AI-native. You will do the hands-on compliance work while coordinating across internal stakeholders in engineering, infrastructure, and IT who implement controls, the external auditors who assess them, and the customers whose trust rests on the outcome. As the program scales, you will grow and lead the team behind it. What You'll Do Own and modernize Mattermost's compliance programs across federal and commercial markets Lead readiness, certification, and surveillance cycles across both programs Operate the risk management program end to end — from identification and assessment through treatment and acceptance Own the third-party and vendor risk management program, including security assessments and supply chain risk Apply GRC engineering and automation to replace manual evidence collection with continuous controls monitoring Build AI-native workflows to accelerate and improve the quality of recurring compliance work Maintain the control library, system security plans, POA&Ms, and policies Coordinate external audits from scoping through remediation Accelerate deal cycles by owning customer security questionnaires, trust center content, and reusable compliance artifacts Grow and lead the GRC team as the program scales What We're Looking For Bachelor's degree in computer science, information security, or related field — or significant professional GRC and compliance experience Proven senior-level experience in governance, risk, and compliance, security compliance, or IT audit, including direct ownership of a certification or authorization program Experience with U.S. Federal standards including CMMC and NIST series (800-171 / 800-53) Experience with ISO 27001 and SOC 2 Type II Experience operating a formal risk management program Experience running a third-party and vendor risk management program Experience owning customer-facing security assurance, including security questionnaires and trust center content Working knowledge of security controls for cloud environments (AWS, GCP, and/or Azure) Excellent written and verbal communication skills Nice to Have Professional GRC certifications such as CISA, CRISC, CISM, CISSP, or CIPP Experience working with AI platforms such as Claude, OpenAI, or Gemini Experience with compliance automation tooling such as Vanta or Drata, and continuous controls monitoring Direct experience applying AI or LLM-based workflows to GRC tasks Proficiency in no-code automation or scripting languages Past success in critical infrastructure industries including defense, cybersecurity, communications, or manufacturing How Success Is Measured CMMC Level 2 gap assessment and readiness roadmap delivered within first 90 days SOC 2 Type II and ISO 27001 audit cycles completed on time without slippage Manual evidence collection replaced with automated, continuously monitored controls Customer security questionnaires and trust center content maintained to unblock deal cycles GRC team grown and operating as a scalable, program-driven function Why Mattermost Mission-driven work: Your contributions directly support the organizations and missions that depend on secure, reliable collaboration Remote-first culture: Work from anywhere with a globally distributed, high-trust team built for autonomy and ownership Open source at the core: Be part of a vibrant developer community shaping the future of secure collaboration AI-forward environment: We actively adopt and build AI-enabled workflows — you'll work with and on cutting-edge tooling Unique scope: Own the compliance program end to end across both federal and commercial markets at a high-growth Series B company Compensation Mattermost takes a market-based approach to pay. Actual compensation may vary based on location, skills, experience, qualifications, and market conditions. Target Salary Range: $139,254-$168,318 U.S. Eligibility & Compliance This role requires U.S. citizenship. Candidates must be located in the United States and eligible to obtain and maintain a U.S. government security clearance. For more information visit Security Clearances — United States Department of State Applicants must meet eligibility requirements for access to export-controlled information as defined by U.S. export control laws, including EAR and ITAR. For more information visit the Bureau of Industry and Security and the Directorate of Defense Trade Controls. Mattermost is an EEO Employer, we are a remote-first, open-source company. We are continually working to expand our hiring in more countries and regions, ensuring compliance with local laws and regulations, which takes time. Mattermost values your unique perspective—we welcome all applicants. We encourage individuals from all backgrounds to apply and are committed to assessing candidates based on their skills and qualifications. We do not tolerate discrimination against staff or applicants based on race, religion, national origin, age, disability, pregnancy status, veteran status, or other personal characteristics. If you require accommodations during the interview process, please let us know—we’re happy to assist.
$216k - $252k
About the Team Governance, Risk, and Compliance (GRC) is foundational to Security delivering mission outcomes at OpenAI. The GRC team provides security assurances and builds compliance for OpenAI's technology, people, and products. We are technical in what we build but...Suggested- AnaVation LLC is looking for a Customer Success Program Manager to oversee GRC services for federal agencies in Washington DC. The role involves managing service delivery, developing new offerings, and ensuring client satisfaction. A strong background in cybersecurity...SuggestedRemote job
- Deputy is seeking a GRC Program Manager to lead their integrated governance program. This hands-on role involves managing compliance frameworks and executing security certifications within a SaaS environment. The ideal candidate will possess 5+ years of GRC experience,...SuggestedFlexible hours
- Norm AI is seeking a Security Program Manager in New York City. This hybrid role focuses on security compliance and risk management, collaborating... ...in security program management and a strong background in GRC. Attractive compensation and benefits are offered, including...Suggested
$212k - $230k
...in the United States is seeking a Director of Governance, Risk, and Compliance (GRC) to define and execute security governance strategies. This role requires strong expertise in managing compliance, overseeing third-party risks, and leading audits. The ideal candidate...SuggestedRemote job- A leading technology firm in Atlanta, Georgia, is seeking an experienced Project Manager specializing in Governance, Risk Compliance (GRC). The ideal candidate will have over 12 years of project management experience, a strong understanding of ISO 27K controls, and expertise...
- A cutting-edge cybersecurity firm is seeking an Account Executive to drive sales of their AI-powered GRC platform. This remote role focuses on engaging enterprise customers and navigating regulatory requirements like PCI, HIPAA, and NIST. Candidates must have over 3 years...Remote job
- Providge Consulting is seeking a Technical Product Manager specializing in Security & Compliance to support the Governance, Risk, and Compliance (GRC) team within IT. Responsibilities include gathering requirements, developing product roadmaps, managing a product backlog...Full time
- ...knowledge in regulatory compliance standards. The ideal candidate will have over 3 years of quota-carrying sales experience and knowledge of GRC solutions. Candidates should be prepared to manage territory planning and partner development efforts. #J-18808-Ljbffr Covenant HRRemote job
- ...into prioritized inputs for the Product, Engineering, and Security GRC roadmaps. Define metrics, SLAs, and escalation frameworks for... ...customer‑facing security programs. Have a proven track record managing enterprise security relationships at scale: you’ve personally led...Full timeContract workFlexible hours
- ...for pay equity and transparency, compensation, and performance management. Trusted by some of the world’s most respected companies, beqom... ...Role Overview We are looking for an experienced and pragmatic GRC Manager to build, own, and continuously strengthen beqom’s governance...Worldwide
$66.26 - $98.56 per hour
...healthcare organization is seeking a Director of IT Cybersecurity GRC. This remote position requires expertise in cybersecurity risk... ...developing cybersecurity strategies, overseeing assessments, and managing teams to enhance the organization's security posture. This...Remote jobHourly pay- Polymarket is seeking a Director of GRC & Privacy to establish the governance, risk, and compliance function within their security organization... .... This senior role will report to the CISO and involves managing a team to oversee compliance obligations including PCI-DSS and...
- ...of successful sales experience in mid-market software. You will manage the full sales cycle, collaborating with key stakeholders at enterprise... ...commission structure, making it ideal for driven individuals ready for a greenfield hunting role. #J-18808-Ljbffr LockThreat GRC
- ...integrated global real estate platform offering expertise in property management, investment management, development, and construction services... ...SUMMARY The Senior Manager, Information Security GRC owns the strategy, execution, and continuous improvement of Greystar...Full timeContract workWork experience placementLocal areaImmediate start
$140.91k - $169k
...found here. Role Overview ID.me is seeking a Technical Program Manager – Security Assurance to serve as the operational backbone of our... ...native environment (AWS or GCP). ~ Hands-on experience with a GRC platform (LogicGate preferred) for control tracking, evidence...Full timeTemporary workWork at officeRemote workFlexible hours$145k - $160k
...environment, this is your role. Key Responsibilities Lead and mature the GRC program across security, privacy, and regulatory compliance... ...programs, including risk analysis, workforce training, and BAA management. Lead HITRUST CSF assessment cycles — scoping, gap analysis,...Immediate start- We are seeking a GRC System Engineering Manager to lead the design, development, deployment, and operation of an enterprise Governance, Risk, and Compliance (GRC) technology platform. This role owns the GRC technology strategy and roadmap and is responsible for driving...Full timeLocal areaRemote workWorldwide
$85k - $140k
Tata Consultancy Services is seeking a Project Manager with over 8 years of experience in Governance, Risk, and Compliance (GRC) to manage projects ensuring effective assessments and remediations for suppliers. The role requires a strong understanding of ISO 27001 controls...- Ferrero SpA is seeking an IT Product Manager specializing in SAP Security in Chicago, IL. This role entails managing SAP GRC security configurations and driving enterprise-wide SAP initiatives while ensuring compliance with best practices and policies. The ideal candidate...
- ...a Senior Director, Security Governance, Risk, and Compliance (GRC) to lead their global GRC team. This role requires over 15 years... ...experience in security leadership, focusing on innovative risk management strategies. The ideal candidate will drive measurable outcomes,...
$149k - $248k
...business development and mentoring junior staff on best practices. The ideal candidate has 7+ years of experience, strong project management skills, and the ability to obtain a DoD security clearance. Expected compensation range is $149,000 to $248,000 annually,...Remote job- Position Overview Papa Johns is seeking a Senior Manager, Governance, Risk & Compliance to establish and operate the cybersecurity governance... ...organizational boundaries, and experience building and scaling GRC capabilities in complex environments. Responsibilities The...For contractors
$171.2k - $188.32k
...Inventory to Deliver Forecast to Plan Enterprise Asset Management Job Summary: The SAP Technical Architect is a senior-level role... ...administration, security, Governance, Risk, and Compliance (GRC), and long-term technical strategy. The SAP Technical Architect...Live inRemote workWorldwide$182k - $295k
About the role Hex is looking for our first Security GRC Manager to build, scale, and own our security and privacy compliance programs. This role is pivotal in setting the foundation for how Hex meets regulatory, customer, and industry obligations across frameworks including...Flexible hours- Salesforce, Inc. is seeking a Manager - Governance, Risk and Compliance Security Automation. This role involves leading the design, deployment... .... The ideal candidate has over 8 years of experience in GRC, Cybersecurity, or Software Engineering with expertise in automation...Full time
$138.24k
Position Technology Consulting, Technologies & Platforms, Risk Technology - SAP Security and GRC (Manager) (Multiple Positions) (1710176), Ernst & Young U.S. LLP, Houston, TX. Responsibilities Provide Risk Management services to help clients enhance their risk strategy...Full timeTemporary workWork experience placementMonday to FridayFlexible hours- ...that blends U.S. innovation with Colombian heart A company that listens, invests in you, and celebrates wins together Senior Manager, Security GRC drives the enterprise security governance framework, shaping risk posture, compliance strategy, and policy architecture...Work at officeRemote workFlexible hours
$400 per month
...experience, making it easy for businesses to accept, disburse and manage payments. Our modern and reliable platform lowers the total cost... ...We are seeking a detail-oriented and proactive Sr. Security GRC Manager to join our team. This role is responsible for identifying...Remote jobFull timeContract workWork from homeFlexible hours- Centaur Labs is seeking a Manager of Governance, Risk and Compliance Security Automation located in San Francisco. This role involves leading... .... The ideal candidate should have extensive experience in GRC, cybersecurity, and software engineering with expertise in languages...
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to GRC Manager. Be the first to apply!
- yacht manager United States
- adoption manager United States
- cardiology manager United States
- screen printing manager United States
- infection prevention manager United States
- manager total rewards United States
- recreation manager United States
- copy manager United States
- electronic manager United States
- storage manager United States


