Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Senior Security GRC Lead

$121k - $185k

Gong

Company Overview Gong harnesses the power of AI to transform how revenue teams win. The Gong Revenue AI Operating System unifies data, insights, and workflows into a single, trusted system that observes, guides, and acts alongside the world’s most successful revenue teams. Powered by the Gong Revenue Graph, AI‑powered intelligence, specialized agents, and trusted applications, Gong helps more than 5,000 companies around the world deeply understand their teams and customers, automate critical sales workflows, and close more deals with less effort. For more information, visit At Gong, you will join a company built on innovative products, ambitious goals, and passionate people. We are shaping the future of revenue intelligence and we want people who are excited to build what comes next. You will work with a team that dreams big, moves fast, and cares deeply about the craft and about each other. Here, transparency and trust are core to how we operate, and every person has the opportunity to make a visible impact. If you want to grow, stretch, and do work that truly matters, Gong is the place to do the best work of your career. Role Summary This is a high‑visibility, high‑impact role at the center of Gong’s security and compliance story. As our Senior GRC Security Lead, you will be the architect of foundational programs we are building — Gong’s first‑ever Common Controls Framework, standing up a formal risk process and register, implementing a GRC tooling ecosystem, and owning the full policy, standards, and exceptions management lifecycle. It’s a role for a builder — someone who thrives in ambiguity, operates with urgency, and finds energy in creating order from complexity. You will work directly with Legal, Sales, Engineering, Customer Audit teams, and executive stakeholders, and your fingerprints will be visible across everything Gong builds for compliance and trust for years to come. Responsibilities Design and implement Gong’s Common Controls Framework, mapping controls across SOC 2, ISO 27001, 27017, 27701, 27018, HIPAA, PCI, and other applicable frameworks. Rationalize overlapping requirements across frameworks to reduce compliance burden and create a single source of truth for control ownership. Partner with Engineering, Infrastructure, and Product Security to embed controls at the architecture level, not just as audit checkboxes. Establish control testing methodology, evidence collection standards, and continuous control monitoring processes. Serve as the subject‑matter expert on control mapping during customer and external audits, RFPs, and enterprise sales engagements. Build Gong’s product & enterprise risk register from the ground up—defining risk taxonomy, scoring methodology, risk appetite thresholds, and ownership models. Implementation of a GRC platform and system of record, and ability to build executive‑level dashboards to track vulnerability, risk, and control remediation. Create and maintain risk treatment plans in partnership with risk owners across the business, tracking remediation milestones and escalating blockers. Develop executive‑level risk reporting cadences and dashboards for the Head of GRC and senior leadership. Own the complete lifecycle of Gong’s information security policy suite—creation, review cycles, version control, and employee acknowledgment tracking. Establish and operate a formal exceptions management program, including intake, risk assessment, approval workflows, compensating controls, and periodic review. Ensure policies remain aligned with evolving regulatory requirements, industry frameworks, and Gong’s rapidly changing technology environment. Drive policy adoption through clear communication, training support, and cross‑functional partnership. Liaise with external auditors and certification bodies for SOC 2, ISO, and other certifications. Qualifications 7+ years of progressive experience in GRC, Information Security, or a closely related function— with meaningful time spent building or scaling programs, not just running them. Demonstrated hands‑on experience building a GRC program at scale—ideally in a high‑growth SaaS or technology company. Deep expertise across multiple compliance and security frameworks, including SOC 2 Type II, ISO 27001, NIST CSF, and at least one regulatory framework (GDPR, CCPA, HIPAA, or equivalent). Experience creating and implementing GRC record of truth/tooling. Strong policy and standards writing ability—capable of translating complex regulatory language into clear, actionable documentation. Experience conducting and managing product & enterprise risk assessments, with a working knowledge of risk quantification methodologies. Proven ability to manage and communicate with senior stakeholders, including Legal, Engineering, and executive audiences. Bachelor’s degree in Information Security, Computer Science, Business, or a related field; equivalent practical experience considered. Relevant certifications strongly preferred: CISSP, CISM, CRISC, CISA, CCSP, or comparable credentials. Benefits Medical, dental, and vision plans designed to fit you and your family’s needs. Wellbeing Fund—flexible wellness stipend to support a healthy lifestyle. Mental health benefits with covered therapy and coaching. 401(k) program to help you invest in your future. Education & learning stipend for personal growth and development. Flexible vacation time to promote a healthy work‑life blend. Paid parental leave to support you and your family. Company‑wide recharge days each quarter. Work‑from‑home stipend to help you succeed in a remote environment. Compensation The annual salary hiring range for this position is $121,000 - $185,000 USD. Compensation is based on factors unique to each candidate, including, but not limited to, job‑related skills, qualification, education, experience, and location. At Gong, we have a location‑based compensation structure, which means there may be a different range for candidates in other locations. The total compensation package for this position, in addition to base compensation, may include incentive compensation, bonus, equity, and benefits. Important Notice We have noticed a rise in recruiting impersonations across the industry, where scammers attempt to access candidates' personal and financial information through fake interviews and offers. All Gong recruiting email communications will always come from the @gong.io domain. Any outreach claiming to be from Gong via other sources should be ignored. Equal‑Opportunity Employer Statement Gong is an equal‑opportunity employer. We believe that diversity is integral to our success, and do not discriminate based on race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, military status, genetic information, or any other basis protected by applicable law. Privacy Policy To review Gong's privacy policy, visit for more details. #J-18808-Ljbffr Gong

Vacancy posted 1 day ago
Similar jobs that could be interesting for youBased on the Senior Security GRC Lead in San Francisco, CA vacancy
  • $121k - $185k

     ...work of your career. Role Summary This is a high‑visibility, high‑impact role at the center of Gong’s security and compliance story. As our Senior GRC Security Lead, you will be the architect of foundational programs we are building — Gong’s first‑ever Common Controls... 
    Senior
    Remote work
    Work from home
    Flexible hours

    Gong.io

    San Francisco, CA
    1 hour ago
  • $193.8k - $228k

    A leading technology company in San Francisco seeks a Senior GRC Analyst II. In this role, you will manage the Governance, Risk, and Compliance program, ensuring it aligns with security strategies. Candidates should have a strong knowledge of information security frameworks... 
    Senior

    Itlearn360

    San Francisco, CA
    12 hours ago
  • Gong is seeking a Senior GRC Security Lead to architect foundational security programs as part of their compliance and trust initiatives. This role involves designing and implementing Gong's Common Controls Framework and working closely with engineering, legal, and audit... 
    Senior

    Gong

    San Francisco, CA
    1 day ago
  •  ...seeking a governance, risk, and compliance analyst to shape and lead our program. You will drive frameworks like SOC2, ISO 27001 and...  .... The role emphasizes cross-functional collaboration across IT, Security, GTM, and Engineering in a data‑driven environment. #J-18808-Ljbffr... 
    Senior

    Perplexity

    San Francisco, CA
    2 days ago
  • $153.6k - $192k

     ...intention. Our teams span Software, Data, Security, and IT, and operate with high autonomy...  ...with technical execution. As a Senior GRC Engineer, you will drive critical GRC processes...  ...partners by producing documentation and leading training sessions Evangelize best practices... 
    Senior
    Work at office
    Immediate start
    Remote work
    Work from home

    United States Digital Space LLC

    San Francisco, CA
    3 days ago
  • Responsibilities Pallet is hiring its first dedicated GRC leader to own how we earn and keep trust:...  ...deals at Pallet increasingly hinge on security posture. You’ll sit in on customer...  ...seat with a clear path to building and leading a team Run SOC 1 and SOC 2 Type II audit... 
    Temporary work
    Live in
    Work at office
    Remote work
    Flexible hours

    Pallet

    San Francisco, CA
    4 days ago
  • Figma Job is looking for compliance and risk management professionals to join their GRC team. The ideal candidate will lead compliance programs across security frameworks like SOC2 and manage audits. The position offers the opportunity to improve processes and enhance organizational... 
    Remote job
    Full time

    Figma Job

    San Francisco, CA
    2 days ago
  • Salesforce is seeking a Manager of Governance, Risk, and Compliance Security Automation to lead compliance automation capabilities. This role requires 8+ years of experience in GRC, Cybersecurity, or Software Engineering. You will design automated solutions, lead a team... 

    Salesforce

    San Francisco, CA
    1 day ago
  • Brex LLC is seeking a Senior GRC Engineer based in San Francisco to drive critical Governance, Risk, and Compliance processes. This role emphasizes automating security controls and integrating security tools, ensuring compliance as the company expands. Candidates should... 
    Senior

    Dormont Manufacturing Company

    San Francisco, CA
    4 days ago
  • Postman is seeking a Senior GRC Engineer to design and operate automation for governance, risk, and compliance across our security program. You will partner with Security, Engineering, IT, Legal, and Sales to drive continuous controls and scalable solutions. The role focuses... 
    Senior

    laptop-battery

    San Francisco, CA
    1 day ago
  •  ...Nscale Ltd. is seeking a Senior Workday Analyst to own Workday across Europe, North America...  ...You’ll set direction for configuration, security, and usage, reporting to the Director,...  ...compliance as we scale. The role includes leading platform stability, release management, and... 
    Senior

    Nscale Ltd.

    San Francisco, CA
    4 days ago
  • $161.6k - $202k

    Headway in San Francisco is seeking a Senior Governance, Risk, Compliance (GRC) Analyst to join their Security team. This role focuses on handling sensitive health data and supporting security certifications like HITRUST and SOC 2. Candidates should have over 5 years of... 
    Senior
    Flexible hours

    Headway

    San Francisco, CA
    1 day ago
  •  ...seeking a Sr Manager for InfoSec Governance Risk and Compliance (GRC) in San Francisco, California. The role involves managing a...  ...compliance efforts, while serving as a subject matter expert on security frameworks. The ideal candidate will have over 7 years managing... 

    Dormont Manufacturing Co

    San Francisco, CA
    2 days ago
  • $150.9k - $226.3k

    jobr.pro is seeking an Incident Response Technical Program Manager in San Francisco, CA, to lead security incident responses and develop coordination processes. This senior role demands collaboration across engineering, security, and customer teams to ensure effective... 
    Senior

    jobr.pro

    San Francisco, CA
    4 days ago
  •  ...Controls Specialist responsible for managing cybersecurity risks and controls. In this role, you will work closely with information security teams, oversee risk and compliance policies, and promote security risk awareness activities. The ideal candidate has at least 7... 
    Senior

    SoFi

    San Francisco, CA
    1 day ago
  • $127k - $249k

    Insider, Inc. is seeking an experienced Senior or Staff Engineer for their SRE, InfraSec team based in San Francisco. This role involves guiding the security of cloud infrastructure, leading teams, and implementing security solutions across AWS, Azure, and GCP. Candidates... 
    Senior
    Flexible hours

    Insider, Inc.

    San Francisco, CA
    1 day ago
  •  ...of technology risk management activities across infrastructure, security, product, and data domains. You will challenge first‑line risk...  ...decisions, assess control design, and report on risk indicators to senior leadership. Ideal candidates have extensive experience in... 
    Senior

    Early Warning Services LLC

    San Francisco, CA
    1 day ago
  • Aurora is seeking a Staff Technical Program Manager, Vehicle Security to lead cross-team security programs spanning vehicle and platform security. You will own program governance and drive end-to-end execution for the Aurora Driver platform, coordinating across hardware... 
    Senior

    NextGenEnergyJobs

    San Francisco, CA
    2 days ago
  • # Senior Offensive Security ManagerSenior Offensive Security Manager at Postman. Who Are We? Postman is the world’s leading API platform, used by more than 45 million+ developers and 500,000 organizations, including 98% of the Fortune 500. Postman is helping developers... 
    Senior

    MeetDev

    San Francisco, CA
    1 day ago
  • Vapi Inc. is seeking a DevSecOps Lead based in San Francisco, CA. This pivotal role involves enhancing the security posture for our Fortune 500 clients, ensuring compliance, and building robust security automation systems. The ideal candidate has 5-10 years of experience... 
    Senior

    VAPI

    San Francisco, CA
    4 days ago
  • A leading blockchain and AI platform in San Francisco is seeking a Senior Site Reliability Engineer to ensure the reliability and security of their production infrastructure. You will maintain blockchain infrastructure, build automation, and collaborate with teams to embed... 
    Senior
    Remote work

    ZetaChain

    San Francisco, CA
    1 day ago
  • $232k - $290k

    Ripple is seeking a Senior Staff Security Engineer in San Francisco, focusing on AI Security and contributing to the company’s security posture. The role involves driving AI security strategy, implementing controls, and engaging in regulatory discussions. With a competitive... 
    Senior

    Not Human Search

    San Francisco, CA
    1 day ago
  •  ...schedule Position Summary We are seeking a highly experienced Senior Event Center Lead to provide strategic and operational leadership for a high-...  ...venue logistics, including vendor coordination, catering, security, facilities, and overall event readiness Navigate... 
    Senior
    Work at office

    Marvel Marketers

    San Francisco, CA
    2 days ago
  •  ...privacy by design and customer trust. You will implement frameworks like SOC 2, ISO 27001 and HIPAA, ensure GDPR/CCPA/CPRA compliance, design scalable audit processes and a robust GRC platform, and help lead regulatory strategy for AI safety. #J-18808-Ljbffr Perplexity

    Perplexity

    San Francisco, CA
    12 hours ago
  • $193.8k - $228k

    Senior GRC Analyst II job at Carta. San Francisco, CA. The Problems You'll Solve As a Senior...  ...risk frameworks. You will build and run security compliance programs to measure and...  ...business objectives. Develop, maintain, and lead the adoption of security policies,... 
    Senior
    Full time

    Itlearn360

    San Francisco, CA
    12 hours ago
  • Gravity Engineering Services Pvt Ltd. is seeking a seasoned security engineer in San Francisco to lead the product security strategy. Your role will focus on defining secure design principles, conducting threat modeling, and managing security processes across cross-functional... 
    Senior

    Gravity Engineering Services Pvt Ltd.

    San Francisco, CA
    4 days ago
  • The Bay Area Air Quality Management District is seeking a Senior Systems Analyst to lead technology initiatives that support public health and environmental goals. This role offers opportunities in operations, cybersecurity, and business analysis. As a key member of the... 
    Senior
    Full time

    The Bay Area Air Quality Management District

    San Francisco, CA
    1 day ago
  • A leading gaming platform is seeking a Senior Enterprise Security Engineer to enhance the security of its enterprise environment. The candidate will design security measures, deploy tools, ensure compliance with policies, and foster a culture of security awareness. Ideal... 
    Senior
    Work at office

    Discord

    San Francisco, CA
    1 day ago
  •  ...shape and run our compliance and risk management program. You will lead the implementation of frameworks, oversee data privacy...  ...audit/compliance, automation using AI, and collaboration across IT, Security, GTM, and Engineering. You will help drive customer trust by staying... 
    Senior

    Apply

    San Francisco, CA
    3 days ago
  • A leading cloud security firm is seeking a Senior Cloud Security Engineer to ensure the security and compliance of their cloud infrastructure. The role involves developing security policies, mentoring teams, and conducting audits for compliance with industry standards.... 
    Senior
    Remote job
    Flexible hours

    Avantdigitalnow

    San Francisco, CA
    4 days ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Senior Security GRC Lead. Be the first to apply!