
Full-Time

GRC Lead

Posted on 7/31/2024

Contentful

501-1,000 employees

Digital content management platform for businesses

Consumer Software
Design

Senior, Expert

Raleigh, NC, USA

Category
Risk & Compliance
Legal & Compliance
Required Skills
Communications
Requirements
  • 5+ years of Governance, Risk, and Compliance experience.
  • 3+ years focused on implementing and maintaining ISO 27001 and SOC 2 frameworks.
  • Ability to navigate complexities of multiple frameworks and customer requirements.
  • Conducted internal audits, risk assessment, and gap analysis with limited oversight.
  • Maintained and participated in ISO 27001 and SOC 2 programs, including external audits.
  • Preferred ISO 27001 credentials (e.g., ISO Lead Auditor or Lead Implementer).
  • Exposure to PCI DSS, CIS, COBIT, GDPR, NIST (CSF, 800-171, 800-53).
  • Proven expertise working in a technical, development-focused environment.
  • Direct experience managing and executing complex projects.
  • Ability to translate requirements and effectively probe and communicate with technical resources.
  • Strong written and verbal communication skills.
  • Experience working across business units and geographical boundaries.
  • Ability to cultivate relationships with stakeholders.
  • Detail-oriented with a passion for maintaining quality.
  • Capable of working independently and collaboratively with large teams.
  • Ability to thrive in a fast-paced environment, often juggling multiple projects.
Responsibilities
  • Maintain a risk register, review submissions, collaborate with stakeholders, and track mitigation efforts.
  • Conduct risk assessments, gap analyses, and control reviews to identify deficiencies and improvements.
  • Monitor GRC software, assign actions, and ensure timely and accurate completion of activities.
  • Support customers by addressing compliance inquiries and Requests for Proposal topics.
  • Cultivate internal and external trust resources (e.g., Trust Center, whitepapers, datasheets).
  • Provide support and guidance for internal and external audits.
  • Generate and provide regular cross-functional and executive compliance reports and metrics.
  • Maintain and propose edits to policies and procedures to ensure effectiveness and compliance.
  • Maintain compliance across multiple frameworks and customer requirements.
  • Develop and maintain Security and GRC maturity models using compliance and industry frameworks.
  • Map controls across different frameworks to identify commonalities and gaps.
  • Maintain mapping to facilitate consolidation and consistency of activities across multiple obligations.
  • Drive continuous improvement across all aspects of GRC throughout the organization.
  • Identify systemic issues and collaborate on approaches to address root causes.
  • Proactively monitor regulatory and statutory changes in GRC and drive necessary changes.
  • Provide training to drive education on security compliance requirements and best practices.
  • Maintain the security and compliance awareness program and reporting.
  • Play an active role in scaling GRC practices by contributing to team roadmaps.

Contentful provides a platform for digital content management that helps businesses create, collaborate on, and deliver content without needing to write code. Its main product is a content management system (CMS) that allows creative teams to efficiently manage digital content across various brands and channels, ensuring a consistent experience for users. This is especially useful for companies in e-commerce, digital marketing, and media, as it streamlines their content production and enhances team collaboration. Unlike many competitors, Contentful operates on a freemium model, offering basic features for free while charging for advanced capabilities. The goal of Contentful is to empower businesses to deliver high-quality digital experiences at scale.

Company Stage

Series F

Total Funding

$349.6M

Headquarters

Berlin, Germany

Founded

2013

Growth & Insights
Headcount

6 month growth

1%

1 year growth

-1%

2 year growth

6%

Simplify's Take

What believers are saying

  • The appointment of Karthik Rau as CEO, with his extensive leadership experience, could drive strategic growth and innovation.
  • Contentful Studio's launch empowers digital teams to create and manage content more efficiently, potentially increasing user satisfaction and platform adoption.
  • The company's recognition as a Silver Partner by hedgehog lab highlights its strong market position and successful implementations.

What critics are saying

  • The competitive landscape of digital content management is intense, with numerous established players potentially limiting Contentful's market share.
  • Frequent leadership changes, such as the recent CEO appointment, can lead to strategic shifts that may cause uncertainty among employees and clients.

What makes Contentful unique

  • Contentful's freemium business model allows businesses to access essential features for free, making it accessible to a wide range of users compared to competitors with higher entry costs.
  • The platform's focus on enabling non-technical teams to manage digital content without coding sets it apart from traditional CMS solutions that require technical expertise.
  • Strategic partnerships, such as with hedgehog lab and SHOPLINE, enhance Contentful's capabilities in delivering comprehensive digital experiences.
INACTIVE