Found Description
Job Description – GRC Lead (B2B SaaS – ISO 27001, SOC 2, GDPR)
Role Summary
We are looking for a hands-on GRC Lead to establish and scale our Governance, Risk, and Compliance (GRC) program for a fast-growing B2B SaaS platform. The role will own ISO 27001, SOC 2, and GDPR initiatives, drive audit readiness, manage enterprise risk, and partner with engineering, legal, and business teams to build a secure and compliant organization.
Key Responsibilities
Governance & Compliance
- Establish and maintain the Information Security Management System (ISMS).
- Develop and manage security policies, standards, and procedures.
- Lead ISO 27001, SOC 2, and GDPR compliance programs, including certification and surveillance audits.
- Manage audit planning, evidence collection, and auditor interactions.