Full-Time Governance, Risk & Compliance Lead

About the Role:Guardant is seeking a Governance, Risk & Compliance (GRC) Lead to drive the evolution of our Information Security Governance, Risk, and Compliance program.

Essential Duties and Responsibilities:Develop, maintain, and enhance the security governance, risk, and compliance program, emphasizing automation and proactive compliance monitoring. Lead the organization’s pursuit of ISO 27001 certification. Drive a culture of accountability through metrics. Develop security policies, standards, and procedures. Identify and address governance gaps. Implement automated compliance controls. Conduct and oversee internal assessments and security control testing. Prepare and present risk assessments, and remediation plans. Partner with Privacy, Compliance, and Regulatory teams. Establish a Security Trust Program. Act as a trusted advisor. Provide insights to the CISO. Restructure the third-party risk management program.

Essential Qualifications:5+ years of experience in GRC or related field, with at least 2 years in a leadership role. Experience with qualitative risk approaches. Strong knowledge of information security, governance, and compliance principles. Deep understanding of regulatory frameworks (ISO 27001, HIPAA, GDPR, SOX-404). Strong familiarity with cybersecurity and cloud security frameworks. Proficiency with Atlassian tools (JIRA, Confluence). Conceptual understanding of security technologies.

Certifications:CISSP, CISA, CRISC (Preferred). Exceptional ability to convey technical and security concepts.

Salary:$128,000 to $176,000 (full-time)

Additional Notes:Hybrid Work Model. Majority of work in a desk/office environment. Employee required to lift routine office supplies and use office equipment.

What is the last date for applying to the job?

Which countries are accepted for this remote job?