Governance, Risk & Compliance (GRC) Manager
$190k - $215kSigma
Sigma is seeking an experienced GRC Manager to lead and scale our governance, risk, and compliance programs. This role is based in our San Francisco office or upcoming New York office and reports to the General Counsel. You'll have the opportunity to build a strategic, enterprise‑wide GRC function that enables business growth while managing organizational risk. What You’ll Do Governance Design and implement governance frameworks, including reporting, policy governance, and control oversight Establish and maintain enterprise policies, standards, and procedures across technology, security, privacy, and operational functions Build and lead a governance committee structure that provides appropriate oversight and decision‑making Create governance dashboards and metrics to provide visibility into program maturity and effectiveness Partner with leadership to align governance activities with business strategy and risk appetite Risk Management Develop and operate a comprehensive Enterprise Risk Management (ERM) program Conduct regular enterprise‑wide risk assessments and maintain a dynamic risk register Build and maintain business continuity and disaster recovery programs, including regular testing and tabletop exercises Implement third‑party risk management processes, including vendor risk assessments, contract reviews, and ongoing monitoring Create risk treatment plans and track remediation activities across the organization Facilitate risk‑informed decision‑making at all levels of the organization Coordinate with functional leaders to ensure risks across all business areas are identified and managed appropriately Compliance Own audit and certification programs including SOC 2, ISO 27001, HIPAA, and other relevant standards Develop and maintain compliance monitoring programs to track regulatory changes and work with the legal team to assess impact Partner with HR and Legal to support labor & employment compliance programs, including workplace safety, anti‑discrimination, wage and hour requirements, and multi‑jurisdictional employment regulations Monitor and ensure adherence to industry‑specific regulatory requirements relevant to Sigma’s business operations Manage security awareness training programs enterprise‑wide Conduct internal audits and assessments to validate control effectiveness Coordinate external audits and assessments with third‑party auditors Business Enablement Support sales and customer success teams with compliance documentation and security inquiries Develop customer‑facing materials that articulate Sigma’s risk management and compliance posture Complete and manage responses to customer security questionnaires and assessments (VSAs, SIGs, custom questionnaires) Enable efficient deal cycles by maintaining ready‑to‑use compliance artifacts, trust center content, and documentation Partner with Sales Engineering and Solutions teams to address prospect security and compliance requirements What You Bring Required 4+ years of experience in governance, risk management, and/or compliance roles, preferably in SaaS or technology companies Demonstrated experience building or significantly maturing a GRC program from the ground up Track record of successfully leading certification audits (SOC 2, ISO 27001, HIPAA, or similar) Experience implementing risk management frameworks (COSO, ISO 31000, NIST RMF, or similar) Strong knowledge of data privacy regulations and their practical application (GDPR, CCPA, etc.) Experience developing and maintaining information security and privacy policies, procedures, and control frameworks Strong business acumen with ability to translate risk and compliance requirements into business value Excellent communication skills with ability to influence stakeholders at all levels, including leadership Proven ability to manage multiple priorities and stakeholders in a fast‑paced, high‑growth environment Collaborative mindset and commitment to enabling business success while managing risk Preferred Experience with GRC platforms (ServiceNow GRC, Archer, LogicGate, or similar) Hands‑on experience with cloud environments (GCP, AWS, Azure) from a compliance and security perspective Experience with labor & employment compliance or cross‑functional collaboration with HR on regulatory matters Familiarity with multi‑state or international employment regulations Experience with continuous compliance automation tools (Vanta, Drata, Secureframe, Tugboat, or similar) Professional certifications such as CRISC, CISA, CISM, CGEIT, CISSP, or CIPP Experience in high‑growth SaaS or technology companies Background in both technical and operational risk management Experience working in organizations with distributed or remote teams Familiarity with security frameworks such as NIST CSF, CIS Controls, or OWASP Why Join Sigma This is an opportunity to build a world‑class GRC program that doesn’t just check boxes but genuinely enables the business to pursue opportunities with confidence. You’ll work across the entire organization, have direct access to the General Counsel, and make a tangible impact on how Sigma manages risk and creates value for customers. Additional Job Details The base salary range for this position is $190k - $215k annually. Compensation may vary outside of this range depending on a number of factors, including a candidate’s qualifications, skills, competencies and experience. Base pay is one part of the Total Package that is provided to compensate and recognize employees for their work at Sigma. This role is eligible for stock options, as well as a comprehensive benefits package. About Us Sigma is the AI Apps and agentic analytics platform built on the cloud data warehouse. Business and technical teams use Sigma to explore live data, build intelligent applications, and automate critical workflows all without moving data or breaking governance. Sigma supports a spreadsheet interface, SQL, Python, and native AI in a single governed workspace, giving every team the speed to act and IT the control to scale. Sigma is trusted by more than 2,000 customers, including AMD, Duolingo, Colgate‑Palmolive, and JPMorgan Chase. Sigma announced its $80M in Series E financing in May 2026. The round was led by Princeville Capital, with new strategic investors Databricks Ventures, ServiceNow Ventures, and Workday Ventures participating alongside returning investors Altimeter Capital, Avenir Growth Capital, D1 Capital Partners, K5 Global, NewView Capital, Spark Capital, Sutter Hill Ventures, and XN. This milestone follows Sigma reaching $200M in annual recurring revenue in April 2026, with more than 100% year‑over‑year growth and 1.1 million new active users added in the latest fiscal year. Benefits For Our Full‑Time Employees Equity Generous health benefits Flexible time off policy. Take the time off you need! Paid bonding time for all new parents Traditional and Roth 401k Commuter and FSA benefits Lunch Program Dog friendly office Sigma is an equal opportunity employer. We are committed to building a smart and strong team regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender, gender identity or expression, veteran, or any other protected status. We look forward to learning how your experience can enable all of us to grow. Note: We have an in‑office work environment in all our offices in SF, NYC, London and Sydney. Our Privacy Practices When you submit a job application on this site, Sigma processes your personal data for the purposes of evaluating your candidacy for employment at Sigma and as otherwise needed throughout the recruitment and hiring process. Please review Sigma’s Candidate Privacy Notice for more details. Please note that your personal data may be transferred to a country other than the one in which it was provided (including to the USA, the UK, and Canada, Australia). Sigma’s Use of AI This hiring process utilizes artificial intelligence tools to assist in candidate screening and assessment. Our AI tools are designed to complement, not replace, human decision‑making. #J-18808-Ljbffr Sigma
- ...Summary Prestige Staffing is seeking a highly motivated GRC Analyst to support governance, risk, and compliance activities within a Microsoft-centric environment.... ...GRC, compliance, IT audit support, or risk management Strong familiarity with NIST frameworks, control documentation...SuggestedHourly payContract work3 days per week
- ...CybSafe is seeking an Analyst, GRC – Public Sector to enhance governance, risk, and compliance operations. You will manage compliance efficiency and audit readiness for the public sector. Your role includes coordinating Third Party assessments, overseeing continuous monitoring...SuggestedRemote work
$190k - $215k
Governance, Risk & Compliance (GRC) Manager New York City, NY Sigma is seeking an experienced GRC Manager to lead and scale our governance, risk, and compliance programs. This role is based in our San Francisco office or upcoming New York office and reports to the General...SuggestedFull timeContract workWork at officeRemote workFlexible hours- ...Oura is seeking a Senior Governance, Risk, Compliance (GRC) Analyst to join the Security Team in New York City. This role involves leading GRC initiatives, managing compliance policies, and performing risk assessments. Candidates should have over 6 years of experience...SuggestedRemote workFlexible hours
- Solus Accident Repair Centres Company is looking for an IT Governance, Risk and Compliance (GRC) Analyst to support their Cyber Security, Risk and... ...will have knowledge of GRC frameworks, experience in risk management, and strong communication skills. This fully remote...SuggestedRemote job
- Alignerr is seeking a Governance, Risk & Compliance (GRC) Analyst for AI training. Remote hourly contract with 10-40 hours per week, focused on evaluating security, compliance, and risk in AI systems, and shaping governance and control frameworks. Ideal candidates have...Remote jobHourly payContract work10 hours per weekFlexible hours
- Radar is hiring a Senior GRC Analyst in New York City to enhance security and compliance programs, focusing on third-party risk and SaaS governance. You will work with various teams to evaluate... ...Trust Lead. A passion for risk management and emerging tech is essential for...
- ...Governance, Risk & Compliance (GRC) Analyst (AI Training) About the Role We're looking for experienced GRC professionals to help evaluate... ...+ years of hands-on experience in GRC, compliance, risk management, or information security ~ Solid familiarity with one...Hourly payOngoing contractContract workFreelanceRemote workFlexible hours
$161.6k - $202k
...that responsibility demands a security and compliance program that scales with the business. We're building out our dedicated GRC team to improve and mature our program!... ...HITRUST, SOC 2, PCI-DSS, HIPAA), third-party risk management, security awareness training, and...Work from homeFlexible hours- ...Summary The Global Cybersecurity Senior GRC Analyst plays a critical role in... ...within its regulatory, legal, and compliance obligations while managing risk effectively. The Global GRC Senior... ...directly to the Global Cybersecurity Governance, Risk and Compliance Manager. This...For contractors
- Senior Governance, Risk, Compliance (GRC) Analyst job at Oura. New York, NY. At Oura, our mission is to empower every person to own their inner potential... ...for efficiency and automation. Policy & Procedure Management - Analyze, draft, update, and maintain security and...Work at officeLocal areaRemote workFlexible hours
$212k - $230k
Director, Governance, Risk, and Compliance (GRC) Remote - USA At Clover, the Business Enablement team leads our technological advancement while ensuring... .... We deliver user-friendly corporate applications, manage complex data ecosystems, and provide efficient tech solutions...Temporary workFixed term contractWork at officeImmediate startRemote workFlexible hoursShift work- A growing fintech company is seeking a GRC Program Manager to lead governance, risk, and compliance initiatives. The role encompasses managing audits like SOC 1 and SOC 2, developing compliance frameworks, and collaborating with different teams to ensure operational integrity...Remote workFlexible hours
- A leading provider of procurement solutions is seeking a Manager for InfoSec Governance Risk and Compliance (GRC) in New York City. This role involves leading a team to manage the GRC program, ensuring compliance with certifications, and serving as a subject matter expert...
$240k - $270k
A leading healthcare company is seeking a Director of Compliance and Regulatory to shape its Governance, Risk, and Compliance strategy. You will manage regulatory risks, develop compliance frameworks, and guide product initiatives to ensure adherence to regulations like...Remote jobFlexible hours- Wiz is seeking a Remote Senior Governance, Risk, and Compliance Analyst - Governance to join our team. You will report to the Manager, Governance, Risk, & Compliance and collaborate with a cross-disciplinary Wizards group to align governance with business needs and enhance...Remote job
- StubHub, Inc. is seeking a Governance, Risk and Compliance Analyst II located in New York, NY. This hybrid role involves managing vendor risks, overseeing IT security, conducting compliance checks, and collaborating with various teams to enhance information security strategies...Flexible hours
$212k - $230k
...technology company in the United States is seeking a Director of Governance, Risk, and Compliance (GRC) to define and execute security governance strategies. This role requires strong expertise in managing compliance, overseeing third-party risks, and leading audits....Remote work- ...is seeking a senior leader to transform their InfoSec Governance, Risk, and Compliance (GRC) program. This role will drive strategic initiatives to... ...with strong leadership skills and a proven record in risk management. This position offers a competitive salary range in New...
- ...cybersecurity firm is looking for a detail-oriented Entry-Level GRC Analyst to join their remote team. In this role, you'll work... ...closely with senior members to strengthen client cybersecurity and compliance programs. You'll be involved in assessing controls, developing...Remote work
- ...Senior GRC Analyst job at Quantexa. New York, NY. What... ...experience in both US Government and non-government security and compliance, applying deep knowledge... ...maturity of our Governance, Risk, and Compliance (GRC)... ...assurance related to managing the SOC 2 process with our...Contract workTemporary workWork experience placementImmediate start
- ...Responsibilities Manage and support our compliance certifications, including SOC 2, HITRUST, and ISO 27001... ...and Privacy trust center Maintain the risk register and drive risk identification... ...posture to senior leadership Scale our GRC function with AI and automation,...
$132k - $165k
...the role We are looking for a Senior GRC Analyst to join our Technical Compliance team to ensure Garner's compliance... ...each week. What you will do Manage and support our compliance certifications... ...Privacy trust center Maintain the risk register and drive risk identification...Work at officeRemote workFlexible hours- ...us. The Role Rogo is hiring a GRC Analyst to support our customer... ..., security assurance, and compliance programs as we scale globally.... ...teams to ensure Rogo’s controls, risk posture, and security practices... ...to detail and the ability to manage multiple parallel requests without...
$200k - $270k
...feel small. Role Scope Run the day-to-day compliance program end to end across SOC 2 Type II,... ...monitoring, and audit readiness held on GRC platforms (Vanta) and the tooling we build... ...with external auditors and assessors and manage the POA&M to closure, tracking each finding...Local area- ...About the role We’re hiring a Senior GRC Analyst to help scale Radar’s security and compliance programs, with a focus on third‑party risk and modern SaaS governance. You’ll partner with Engineering,... ...teams to evaluate vendors, manage risk, and help shape a practical,...Work at officeRemote work
- ...client, is looking for a GRC Analyst to join their... ...will support technology risk and controls initiatives... ..., DevOps teams, project managers, and technology leadership to ensure compliance requirements are appropriately... ..., issue management, and governance activities within a...
$90k - $150k
Governance, Risk, and Compliance Supervisor or Manager Job Category: Advisory Requisition Number: GOVER002831 Posted: November 12, 2025 Full-Time Hybrid Locations... ...York City-based Governance, Risk, and Compliance (GRC) practice is looking for an ambitious Supervisor or...Full timeWork at officeFlexible hours3 days per week$205k - $225k
...commercial acumen, and a human touch. Reporting directly to the Firm's Director of Information Security, the Security Governance, Risk, and Compliance (GRC) Manager is considered an essential position in safeguarding our Firm's data and meeting clients' security requirements....Full timeWork at officeOverseas- ...Services LLC based in New York is searching for a Security Governance, Risk & Compliance Analyst. The role involves supporting various security... ...work in a hybrid environment, allowing collaboration while managing essential audits and compliance programs. Qualified...
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Governance, Risk & Compliance (GRC) Manager. Be the first to apply!
- data governance manager New York, NY
- governance manager New York, NY
- data governance director New York, NY
- risk analytics manager New York, NY
- risk management associate New York, NY
- group risk manager New York, NY
- senior risk manager New York, NY
- head of risk management New York, NY
- risk management specialist New York, NY
- director credit risk New York, NY

