
Global GRC Manager
Monte Carlo
full-time
Location Type: Remote
Location: United States
About the role
- Manage and respond to customer security reviews, questionnaires, and audits
- Serve as the primary liaison for security-related inquiries from prospects, customers, and partners
- Oversee ongoing compliance initiatives (SOC 2, ISO 27001, 27017, 27018, GDPR, etc.) and maintain the risk register
- Collaborate with cross-functional teams (Engineering, Sales, Product, HR) on risk management strategies
- Evaluate third-party vendors, manage due diligence processes, and coordinate remediation actions
- Develop, refine, and maintain security and compliance policies, procedures, and standards
- Support and promote security awareness initiatives, including employee training and phishing simulations
- Lead and coordinate internal and external audits, ensuring continuous improvement in controls
Requirements
- 5+ years of experience in a GRC or compliance-focused role, ideally in a SaaS or technology company.
- Proven track record of managing third-party risk assessments, vendor security reviews, and compliance audits.
- Expertise in compliance frameworks such as SOC 1/2, ISO 27001 | 27017 | 27018 | 27701 | 42001, and GDPR.
- Relevant certifications (e.g., CISA, CISSP, CRISC, or CISM) are highly desirable.
- Excellent written and verbal communication skills with a strong attention to detail.
- Bachelor’s degree in Information Security, Cybersecurity, or a related field (or equivalent experience).
Benefits
- High Impact: Build and scale the compliance program for a high-growth data platform serving enterprise customers.
- True Ownership: Own audit cycles end-to-end (SOC 2, SOC 1, ISO) with direct access to executive leadership and minimal red tape.
- Complex & Evolving: Navigate multi-framework compliance (SOC, ISO, customer security requirements) in a rapidly changing regulatory landscape.
- Strong Security Culture: Partner with Engineering, Product Security, and GTM teams who understand that compliance enables business, not blocks it.
- Remote-First: Work from anywhere in the Americas while being part of a lean, high-trust SCI team.
- Career Growth: Shape the compliance foundation at a category-defining company backed by strong momentum and sophisticated customers.
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
GRC, compliance audits, third-party risk assessments, vendor security reviews, risk management, security policies, security procedures, security standards, phishing simulations, continuous improvement
Soft Skills
communication skills, attention to detail, collaboration, leadership, organizational skills
Certifications
CISA, CISSP, CRISC, CISM