Senior GRC Lead

Job Summary

A company is looking for a Sr. Governance, Risk, and Compliance Lead.

Key Responsibilities

• Lead and manage internal and external audits for ISO 27001 and SOC 2 Type 2
• Own compliance with Microsoft Supplier Security and Privacy Assurance (SSPA)
• Maintain and evolve the Information Security Management System (ISMS) and related documentation

Required Qualifications

• 5+ years of experience in GRC, Information Security, or Compliance
• Proven expertise with ISO 27001, SOC 2, and third-party compliance programs
• Experience managing end-to-end audit processes and compliance initiatives
• Relevant certifications such as CISA, CRISC, or ISO 27001 Lead Auditor/Implementer are a plus