Senior Security GRC Lead

$121k - $185k

Gong.io

Austin | Chicago | New York City | Salt Lake City | San Francisco

Gong harnesses the power of AI to transform how revenue teams win. The Gong Revenue AI Operating System unifies data, insights, and workflows into a single, trusted system that observes, guides, and acts alongside the world's most successful revenue teams. Powered by the Gong Revenue Graph, AI-powered intelligence, specialized agents, and trusted applications, Gong helps more than 5,000 companies around the world deeply understand their teams and customers, automate critical sales workflows, and close more deals with less effort.

At Gong, you will join a company built on innovative products, ambitious goals, and passionate people. We are shaping the future of revenue intelligence and we want people who are excited to build what comes next. You will work with a team that dreams big, moves fast, and cares deeply about the craft and about each other. Here, transparency and trust are core to how we operate, and every person has the opportunity to make a visible impact. If you want to grow, stretch, and do work that truly matters, Gong is the place to do the best work of your career.

This is a high-visibility, high-impact role at the center of Gong's security and compliance story. As our Senior GRC Security Lead, you will be the architect of foundational programs we are building — Gong's first-ever Common Controls Framework, standing up a formal risk process and register, implementing a GRC tooling ecosystem, and owning the full policy, standards, and exceptions management lifecycle.

This is not a role for someone looking to inherit a mature program. It's a role for a builder — someone who thrives in ambiguity, operates with urgency, and finds energy in creating order from complexity. You will work directly with Legal, Sales, Engineering, Customer Audit teams, and executive stakeholders, and your fingerprints will be visible across everything Gong builds for compliance and trust for years to come.

Responsibilities
  • Design and implement Gong's Common Controls Framework, mapping controls across SOC 2, ISO 27001, 27017, 27701, 27018, HIPAA, PCI, and other applicable frameworks.
  • Rationalize overlapping requirements across frameworks to reduce compliance burden and create a single source of truth for control ownership.
  • Partner with Engineering, Infrastructure, and Product Security to embed controls at the architecture level, not just as audit checkboxes.
  • Establish control testing methodology, evidence collection standards, and continuous control monitoring processes.
  • Serve as the subject-matter expert on control mapping during customer and external audits, RFPs, and enterprise sales engagements.
  • Build Gong's product & enterprise risk register from the ground up — defining risk taxonomy, scoring methodology, risk appetite thresholds, and ownership models.
  • Implement a GRC platform and system of record, and build executive-level dashboards to track vulnerability, risk, and control remediation.
  • Create and maintain risk treatment plans in partnership with risk owners across the business, tracking remediation milestones and escalating blockers.
  • Develop executive-level risk reporting cadences and dashboards for the Head of GRC and senior leadership.
  • Own the complete lifecycle of Gong's information security policy suite — creation, review cycles, version control, and employee acknowledgment tracking.
  • Establish and operate a formal exceptions management program, including intake, risk assessment, approval workflows, compensating controls, and periodic review.
  • Ensure policies remain aligned with evolving regulatory requirements, industry frameworks, and Gong's rapidly changing technology environment.
  • Drive policy adoption through clear communication, training support, and cross-functional partnership.
  • Liaise with external auditors and certification bodies for SOC 2, ISO, and other certifications.
Qualifications
  • 7+ years of progressive experience in GRC, Information Security, or a closely related function — with meaningful time spent building or scaling programs, not just running them.
  • Demonstrated hands-on experience building a GRC program at scale — ideally in a high-growth SaaS or technology company.
  • Deep expertise across multiple compliance and security frameworks, including SOC 2 Type II, ISO 27001, NIST CSF, and at least one regulatory framework (GDPR, CCPA, HIPAA, or equivalent).
  • Experience creating and implementing GRC Record of Truth/Tooling.
  • Strong policy and standards writing ability — capable of translating complex regulatory language into clear, actionable documentation.
  • Experience conducting and managing product & enterprise risk assessments, with a working knowledge of risk quantification methodologies.
  • Proven ability to manage and communicate with senior stakeholders, including Legal, Engineering, and executive audiences.
  • Bachelor's degree in Information Security, Computer Science, Business, or a related field; equivalent practical experience considered.
  • Relevant certifications strongly preferred: CISSP, CISM, CRISC, CISA, CCSP, or comparable credentials.

The annual salary hiring range for this position is $121,000 - $185,000 USD.

Compensation is based on factors unique to each candidate, including, but not limited to, job-related skills, qualification, education, experience, and location. At Gong, we have a location-based compensation structure, which means there may be a different range for candidates in other locations. The total compensation package for this position, in addition to base compensation, may include incentive compensation, bonus, equity, and benefits. Some of our sales compensation programs also offer the potential to achieve above targeted earnings for those who exceed their sales targets.

We are always looking for outstanding Gongsters! So if this sounds like something that interests you regardless of compensation, please reach out. We may have more roles for you to consider and would love to connect.

We have noticed a rise in recruiting impersonations across the industry, where scammers attempt to access candidates' personal and financial information through fake interviews and offers. All Gong recruiting email communications will always come from the @gong.io domain. Any outreach claiming to be from Gong via other sources should be ignored.

Gong is an equal-opportunity employer. We believe that diversity is integral to our success, and do not discriminate based on race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, military status, genetic information, or any other basis protected by applicable law.

Vacancy posted 3 days ago