Senior Director, GRC Engineering
Company: Vanta
Location: Washington
Posted on: January 10, 2026
Job Description:
At Vanta, our mission is to help businesses earn and prove
trust. We believe that security should be monitored and verified
continuously, and we empower companies to practice better security
and prove it with ease. Vanta has a kind and talented team, and
while some have prior security experience, many have been
successful at Vanta without it.

Vanta is growing quickly and we're continually moving upmarket,
dealing with sophisticated customers with complex security and
compliance environments and needs. Our Security team uses our own
Vanta product to power our security program and functions as an
innovative and forward-thinking GRC team. As a Senior Director of
GRC, you will be a highly visible leader within Vanta’s Security
team, responsible for running our Governance, Risk, and Compliance
efforts. If this sounds like you, and you're excited to use your
capabilities to power the next evolution of the Vanta GRC team,
we’d love to hear from you.

What you’ll do as a Senior Director of GRC Engineering at Vanta:
• Oversee the work of our governance, risk, and compliance functions that include Vendor Risk Management, Risk Management, Policy Management, Training and Awareness, and Customer Trust.
• Ensure ongoing compliance with our SOC II and ISO certifications.
• Drive the next evolution of our program to meet FedRAMP Authorization (Moderate 20x and Moderate Rev 5).
• Lead and grow a team of the best security professionals in the world, with a view of security that is forward-thinking, human-centric, and trust-based.
• Drive concepts of GRC Engineering throughout your organization and lean into automated compliance strategies to show ongoing commitment to security.
• Shape the next evolution of GRC strategy internally and be an active voice externally.
• Provide, both individually and through your teams, expert feedback to Vanta’s Engineering, Product and Design teams on our product offerings and serve as a strong customer voice in product development.
• Represent Vanta’s products, vision, and voice as a trusted security thought leader in public security forums.
• Participate within the CISO leadership team and collaborate extensively with other leaders within the Security Engineering and Operations teams.
• Track the team’s performance and report goals and objectives to leaders outside of the security team.
• Partner with Vanta’s Sales and Customer Success teams to represent Vanta’s Trust Management Platform to prospects and customers.
• Become an expert on the security features available for customers to deploy within Vanta, including best practices for implementation.
• Serve as Vanta customer zero by testing and implementing all Vanta capabilities within our own GRC program.
• Coordinate with cross-functional teams to provide customers with meaningful updates on features and programs.

How to be successful in this role:
• 10 years of experience working in the Governance, Risk, and Compliance industry
• Strong leadership experience and an ability to lead a team from a foundation of transparency and trust
• Experience working with security and privacy frameworks, including SOC II, ISO 27001, ISO 27701, and FedRAMP
• Demonstrable expertise in SOC II, ISO 27001, NIST 800-53 at minimum
• Experience managing a large team of people (10)
• Experience working and interfacing with C-level customer contacts
• Technical expertise to understand and explain security and GRC concepts
• Familiarity with Cloud Infrastructure, Risk Management, Policy Management, Security Training and Awareness, Vendor Risk Management, Vulnerabilities Management, and their related security processes
• Experience in building productive relationships and driving collaboration with both technical and non-technical teams
• Knowledge of the audit process and experience owning SOC2, ISO, and FedRAMP audits
• Security compliance management experience within a SaaS environment preferred, but not required
• Professional customer-facing experience preferred, but not required
• Security certifications (e.g. CISA, CISSP) and/or formal education strongly preferred, but not required

What you can expect as a Vantan:
• Industry-competitive compensation
• 100% covered medical, dental, and vision benefits with dependents coverage
• 16 weeks fully-paid parental leave for all new parents
• Health & wellness and remote workplace stipends
• Family planning benefits through Carrot Fertility
• 401(k) matching
• Flexible work hours and location
• Open PTO policy
• 11 paid holidays in the US
• Offices in SF, NYC, London, Dublin, and Sydney