The Program Manager, GRC is a critical role in Drata’s R&D and product innovation efforts. It will support the continuous enhancement of the ideas and processes that help the product scale effortlessly and efficiently across different GRC domains, security standards and privacy regulations, with the underlying goal of a seamless user experience. The ideal candidate will have strong analytical skills, the ability to think outside of the box, and the capability to see an issue from multiple diverse perspectives to propose and develop effective solutions. The successful individual will: be flexible and quickly adapt to change, have a competitive drive, be a self-starter who does not shy away from taking initiative or providing valid input, constantly educate and be educated, and always act with integrity.
What you’ll do:
- Work with an incredible team at a phenomenal company with an unmatched culture.
- Manage programs with the GRC Office within the Product Department.
- Be the expert on one or more of the governance, risk management, and compliance domains, as applicable to the product.
- Conduct research and apply your knowledge to different projects and programs.
- Enthusiastically go through, digest, and compare old, new, and revised standards and regulations.
- Design tools and functions, policies, and automation building blocks and partake in the development process.
- Engage and collaborate with members of Product, Engineering, Customer Success, Sales, and Marketing daily.
- Educate, train, and enable other teams in your area of expertise.
- Complete tasks in support of the product team at #drataspeed and fulfill requests in support of customers.
- Maintain and manage knowledge databases.
- Participate in product planning and development.
- Build and be an essential part of our Rocket Ship!
What you’ll bring:
- 5+ years of experience in a GRC field
- One or more industry certifications such as: CISA, CISM, CISSP, CGEIT, CRISC, CRMA, GRCP
- Experience operating in a SaaS environment; startup experience is a plus
- Analytical skills and a knack for connecting the dots; comfortable developing processes
- Solid knowledge and understanding of privacy and security standards and regulations; some experience with policy development
- Understanding the concept of automation is a must; experience in automation is a plus
- Knowledge of cloud service providers is a plus
- Ability to communicate and coherently present your thoughts to your team, other teams, stakeholders, and customers
- Ability to understand, analyze, and assess customer and inter-departmental requests and requirements
- Experience with Google Workspace is a must; experience with Jira and Airtable is preferred
- Health & Wellness: 100% coverage for medical, dental, and vision plans - for employee and dependents + on demand health care concierge
- HSA, FSA, & DCFSA: Pre-tax savings plans for healthcare and dependent care
- 100% paid short and long term disability plus life + AD&D benefits
- Learning & Development: $500 annually towards professional development opportunities + $250 annually towards personal development opportunities
- Flexible Time Off: Flexible vacation policy for strong, fully charged batteries
- 16 Weeks Paid Parental Leave: An inclusive policy to ensure you have time with your newborn, newly adopted, or foster child
- Work Remotely: Flexible hours and work from home + $1,000 annually to cover necessary business related items for your home office
- Charitable Giving Program: Up to $500 match for qualified charities
- 401K: Reach your financial goals while reducing your taxes
This role will receive a competitive base salary, benefits, and equity. The applicable salary range for each US-based role is based on where the employee works and is aligned to one of 3 tiers based on the cost of labor for that geographic area. The expected salary ranges for this role are set forth below.
Tier 1: $110,500 - $136,500
Tier 2: $99,450 - $122,850
Tier 3: $88,400 - $109,200
You can view which tier applies to where you plan to work here. A variety of factors are considered when determining someone’s leveling and compensation, including a candidate’s professional background and experience. These ranges may be modified in the future and final offer amounts may vary from the amounts listed above.
Please continue to apply if you are unsure that you fit into our compensation structure.
Drata is on a mission to help build trust across the internet.
Drata is a security and compliance automation platform that continuously monitors and collects evidence of a company’s security controls, while streamlining compliance workflows end-to-end to ensure audit readiness.
We all recognize the importance of earning and keeping the trust of our customers when it comes to protecting their data. We’ve felt firsthand how burdensome achieving and maintaining a strong security and compliance posture can be at a fast-growing company. It’s a manual, redundant, error-prone, and unscalable process - and it only grows more complex and expensive over time.
Our team of SaaS, security, compliance, and audit experts has built a better way - with automation.
Employment at Drata is based solely upon individual merit and qualifications directly related to professional competence. We strictly prohibit unlawful discrimination or harassment on the basis of race, color, religion, veteran status, national origin, ancestry, pregnancy status, sex, gender identity or expression, age, marital status, mental or physical disability, medical condition, sexual orientation, or any other characteristics protected by law. We also make reasonable accommodations to meet our obligations under laws protecting the rights of the disabled.