Senior Security GRC Lead
$121k - $185k | Gong.io
Austin | Chicago | New York City | Salt Lake City | San Francisco
Gong harnesses the power of AI to transform how revenue teams win. The Gong Revenue AI Operating System unifies data, insights, and workflows into a single, trusted system that observes, guides, and acts alongside the world's most successful revenue teams. Powered by the Gong Revenue Graph, AI-powered intelligence, specialized agents, and trusted applications, Gong helps more than 5,000 companies around the world deeply understand their teams and customers, automate critical sales workflows, and close more deals with less effort.
At Gong, you will join a company built on innovative products, ambitious goals, and passionate people. We are shaping the future of revenue intelligence and we want people who are excited to build what comes next. You will work with a team that dreams big, moves fast, and cares deeply about the craft and about each other. Here, transparency and trust are core to how we operate, and every person has the opportunity to make a visible impact. If you want to grow, stretch, and do work that truly matters, Gong is the place to do the best work of your career.
This is a high-visibility, high-impact role at the center of Gong's security and compliance story. As our Senior GRC Security Lead, you will be the architect of the foundational programs we are building: designing Gong's first-ever Common Controls Framework, standing up a formal risk process and register, implementing a GRC tooling ecosystem, and owning the full policy, standards, and exceptions management lifecycle.
This is not a role for someone looking to inherit a mature program. It's a role for a builder — someone who thrives in ambiguity, operates with urgency, and finds energy in creating order from complexity. You will work directly with Legal, Sales, Engineering, Customer Audit teams, and executive stakeholders, and your fingerprints will be visible across everything Gong builds for compliance and trust for years to come.
Responsibilities
- Design and implement Gong's Common Controls Framework, mapping controls across SOC 2, ISO 27001, 27017, 27701, 27018, HIPAA, PCI, and other applicable frameworks.
- Rationalize overlapping requirements across frameworks to reduce compliance burden and create a single source of truth for control ownership.
- Partner with Engineering, Infrastructure, and Product Security to embed controls at the architecture level, not just as audit checkboxes.
- Establish control testing methodology, evidence collection standards, and continuous control monitoring processes.
- Serve as the subject-matter expert on control mapping during customer and external audits, RFPs, and enterprise sales engagements.
- Build Gong's product & enterprise risk register from the ground up — defining risk taxonomy, scoring methodology, risk appetite thresholds, and ownership models.
- Implement a GRC platform and system of record, and build executive-level dashboards to track vulnerability, risk, and control remediation.
- Create and maintain risk treatment plans in partnership with risk owners across the business, tracking remediation milestones and escalating blockers.
- Develop executive-level risk reporting cadences and dashboards for the Head of GRC and senior leadership.
- Own the complete lifecycle of Gong's information security policy suite — creation, review cycles, version control, and employee acknowledgment tracking.
- Establish and operate a formal exceptions management program, including intake, risk assessment, approval workflows, compensating controls, and periodic review.
- Ensure policies remain aligned with evolving regulatory requirements, industry frameworks, and Gong's rapidly changing technology environment.
- Drive policy adoption through clear communication, training support, and cross-functional partnership.
- Liaise with external auditors and certification bodies for SOC 2, ISO, and other certifications.
Qualifications
- 7+ years of progressive experience in GRC, Information Security, or a closely related function — with meaningful time spent building or scaling programs, not just running them.
- Demonstrated hands-on experience building a GRC program at scale — ideally in a high-growth SaaS or technology company.
- Deep expertise across multiple compliance and security frameworks, including SOC 2 Type II, ISO 27001, NIST CSF, and at least one regulatory framework (GDPR, CCPA, HIPAA, or equivalent).
- Experience creating and implementing GRC Record of Truth/Tooling.
- Strong policy and standards writing ability — capable of translating complex regulatory language into clear, actionable documentation.
- Experience conducting and managing product & enterprise risk assessments, with a working knowledge of risk quantification methodologies.
- Proven ability to manage and communicate with senior stakeholders, including Legal, Engineering, and executive audiences.
- Bachelor's degree in Information Security, Computer Science, Business, or a related field; equivalent practical experience considered.
- Relevant certifications strongly preferred: CISSP, CISM, CRISC, CISA, CCSP, or comparable credentials.
The annual salary hiring range for this position is $121,000 - $185,000 USD.
Compensation is based on factors unique to each candidate, including, but not limited to, job-related skills, qualification, education, experience, and location. At Gong, we have a location-based compensation structure, which means there may be a different range for candidates in other locations. The total compensation package for this position, in addition to base compensation, may include incentive compensation, bonus, equity, and benefits. Some of our sales compensation programs also offer the potential to achieve above targeted earnings for those who exceed their sales targets.
We are always looking for outstanding Gongsters! So if this sounds like something that interests you regardless of compensation, please reach out. We may have more roles for you to consider and would love to connect.
We have noticed a rise in recruiting impersonations across the industry, where scammers attempt to access candidates' personal and financial information through fake interviews and offers. All Gong recruiting email communications will always come from the @gong.io domain. Any outreach claiming to be from Gong via other sources should be ignored.
Gong is an equal-opportunity employer. We believe that diversity is integral to our success, and do not discriminate based on race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, military status, genetic information, or any other basis protected by applicable law.

