29 grc lead jobs at 23 companies in Berkeley, CA

1mo
Save
Mark Applied
Hide
GRC Lead
San Francisco, California, United States
HybridFull Time
Brain Co.
Brain Co.: Builds AI software platforms for governments and large enterprises.
8+ YOE8+ years building and running GRC programs in regulated environments; hands-on with SOC 2 Type II, HIPAA, ISO 27001, NIST 800-171, FedRAMP/GovRAMP, GLBA.
Azure, policy-as-code, audit tooling
2mo
Save
Mark Applied
Hide
Senior GRC Lead
Vancouver or New York City or San Francisco
$154k-$192k/yr HybridFull Time
Brex
Brex: Corporate cards and spend management software for businesses.
5+ YOE5+ years in GRC or Security Engineering; strong automation; security frameworks SOC 2, PCI DSS, ISO 27001; Python and API integrations; cross-functional collaboration; cloud native; Terraform.
Python, APIs, Terraform, Tines
1mo
Save
Mark Applied
Hide
Founding GRC Lead
San Francisco, California, United States
$175k-$225k/yr OnsiteFull Time
Pallet
Pallet: Automating logistics and supply chain workflows using AI agents.
7+ YOE7+ years GRC/security compliance experience; ownership of SOC 1/SOC 2 Type II cycles, GDPR/CCPA privacy, vendor risk; technical familiarity with AWS/GCP and compliance automation; certifications (CISA, CISSP, ISO 27001 LA) a plus.
AWS, GCP
3w
Save
Mark Applied
Hide
Senior Security GRC Lead
Austin or Chicago or New York City or Salt Lake City or San Francisco
$121k-$185k/yr OnsiteFull Time
Gong
Gong: AI platform analyzing customer interactions to improve sales performance.
7+ YOE7+ years building/scaling GRC or InfoSec programs, deep expertise with SOC 2/ISO/NIST frameworks, hands-on GRC tooling, policy and risk assessment experience, bachelor’s preferred, relevant certifications strongly preferred.
SOC 2, SOC 2 Type II, ISO 27001, ISO 27017, ISO 27701, ISO 27018, HIPAA, PCI, NIST CSF, GDPR, CCPA, GRC platform
3mo
Save
Mark Applied
Hide
Sr. Manager GRC
San Jose, California, United States
$179k-$257k/yr OnsiteFull Time
Bloom Energy
Bloom EnergyNYSE: BE: Manufactures solid oxide fuel cell systems for onsite power.
12+ YOELead governance, risk, and compliance program; manage risk assessments; ensure ISO27001/NIST CIS/GDPR/CCPA; lead GRC team; collaborate across functions.
GRC tools, Policy management, Compliance tooling
2mo
Save
Mark Applied
Hide
Security GRC Lead
San Francisco, California, United States
$149k-$224k/yr HybridFull Time
Salesforce
SalesforceNYSE: CRM: Sells cloud-based customer relationship management and business software solutions.
3+ YOE3-5+ years FedRAMP and software security governance; project/program management; experience with GovCloud, and certifications like CISSP/CISA/CISM.
FedRAMP, NIST 800-53, 3PAO, SSP, POA&M, CMMC, R&D, DevSecOps
1mo
Save
Mark Applied
Hide
GRC Strategy and Insights Lead
San Jose or Seattle or Lehi or New York
$124k-$235k/yr HybridFull Time
Adobe
AdobeNASDAQ: ADBE: Provides software for digital media creation and marketing analytics
8+ YOE8–12+ years in strategy, business operations, risk management, or related fields; proven experience building metrics and executive reporting; able to engage and influence executives.
Tableau, Power BI
1mo
Save
Mark Applied
Hide
Governance, Risk & Compliance (GRC) Manager
San Francisco or New York City
$190k-$215k/yr OnsiteFull Time
Sigma Computing
Sigma Computing: Cloud-native analytics platform featuring a spreadsheet-style interface.
4+ YOE4+ years GRC experience in SaaS/tech, proven history building GRC programs, leading SOC 2/ISO/HIPAA audits, implementing risk frameworks (COSO/NIST), privacy (GDPR/CCPA) knowledge, strong communication and cross-functional influence.
ServiceNow GRC, Archer, LogicGate, GCP, AWS, Azure, Vanta, Drata, Secureframe, Tugboat, NIST CSF, CIS Controls, OWASP, SOC 2, ISO 27001, HIPAA, SQL, Python
2mo
Save
Mark Applied
Hide
Federal Compliance Lead
Palo Alto or Redwood City
$130k-$170k/yr OnsiteFull Time
WindBorne Systems
WindBorne Systems: Operates smart weather balloons to provide global atmospheric data.
3+ YOE3+ years in compliance audits and US government compliance; experience with CMMC, FedRAMP, NIST frameworks; security, cloud, and GRC tooling expertise; ability to obtain security clearance.
Drata, Vanta, eMASS, Tenable Security Center, Burp, SIEM, AWS, Azure
2mo
Save
Mark Applied
Hide
Lead Identity Engineer (Fremont, CA, US, 94538)
Fremont, California, United States
$137k-$287k/yr HybridFull Time
Lam Research
Lam ResearchNASDAQ: LRCX: Manufacturing equipment used to fabricate advanced semiconductor microchips.
15+ YOE15+ years related experience, strong Saviynt and SAP GRC, SAP provisioning and IAM expertise.
Saviynt, Saviynt GRC, SAP GRC, SAP provisioning, ServiceNow, Entra ID, Azure AD, Okta, LDAP, SQL, Python, PowerShell
3w
Save
Mark Applied
Hide
Risk Consulting - Risk Technology - GRC/IRM Platforms - Manager (New York, NY, US, 10001-8604)
New York or Atlanta or Boston or Chicago or Cleveland or Dallas or Detroit or Pittsburgh or Hoboken or Houston or Los Angeles or McLean or Miami or Minneapolis or North Carolina or Philadelphia or Portland or San Francisco or Seattle or Tampa
$150k-$260k/yr HybridFull Time
EY
EY: Global firm providing audit, tax, and professional consulting services.
4+ YOEBachelor's + 5 yrs (or Master's + 4 yrs) implementing ServiceNow IRM/TPRM/BCM; ServiceNow CSA and GRC certifications; experience leading implementations, integrations, and client engagements; Microsoft Office proficiency.
ServiceNow IRM, Archer, AuditBoard, OneTrust, Spotfire, PowerBI, Tableau, Microsoft PowerPoint, Microsoft Word, Microsoft Excel, Vision, Integration Hub, REST, SOAP
1w
Save
Mark Applied
Hide
Risk and Compliance Lead
Foster City, California, United States
$210k-$270k/yr HybridFull Time
Replit
Replit: Cloud-based platform for building and hosting software applications.
8+ YOE8+ years in security compliance/IT audit/GRC; ownership of SOC 2 and/or ISO 27001 cycles; ISMS/SSP authoring; risk register ownership; GRC automation experience; auditor management; GDPR familiarity.
SOC 2, ISO 27001, ISO 42001, NIST CSF, Anecdotes, Vanta, Drata
2mo
Save
Mark Applied
Hide
Lead Identity Engineer
Fremont, California, United States
$137k-$287k/yr HybridFull Time
Lam Research
Lam ResearchNASDAQ: LRCX: Designs and manufactures wafer fabrication equipment for the semiconductor industry.
7+ YOEDeep Saviynt and SAP provisioning expertise, 7+ years IAM/IAG experience, strong developer skills (APIs, PowerShell, Python, SQL), experience with SAP GRC, ServiceNow, directories, and stakeholder leadership.
Saviynt Identity Cloud, Saviynt, Saviynt GRC, SAP, SAP GRC, SAP GRC Access Control, ECC, S/4HANA, BW, SuccessFactors, ServiceNow, AD, Entra ID, Azure AD, LDAP, Okta, Ping, REST APIs, PowerShell, Python, SQL
1mo
Save
Mark Applied
Hide
Lead, Audits, Exams & Partner Due Diligence
San Francisco or New York or Seattle or Austin or United States
$97k-$190k/yr RemoteFull Time
Rippling
Rippling: Unified platform managing workforce HR, IT, and finance operations
7+ YOE7+ years managing regulatory exams/audits or partner due diligence; strong AML/CFT, BSA, OFAC knowledge; experience with regulators; excellent communication; familiarity with GRC tools.
Confluence, Jira, Google Workspace, Slack
1mo
Save
Mark Applied
Hide
Sr. Staff Technology Controls Architecture & Assurance Lead
San Jose, California, United States
$207k-$259k/yr OnsiteFull Time
Archer
ArcherNYSE: ACHR: Develops electric vertical takeoff and landing aircraft for urban mobility.
8+ YOE8+ years in information security with 4+ years in GRC/compliance or IS audit; deep knowledge of NIST/CMMC/DFARS/ITAR; SOX ITGC experience; quantitative risk modeling and KRI development; U.S. citizenship and eligibility for DoD Secret clearance.
ServiceNow GRC, ServiceNow IRM, AuditBoard, Jira, Confluence, Microsoft Power BI, Tableau, Vanta, Drata, Secureframe, Workiva, Splunk, SIEM, Python, SQL, AI/LLM tooling, NIST SP 800-53 Rev. 5, NIST SP 800-171, CMMC Level 2, NIST SP 800-161, DFARS, ITAR, OSCAL, RTCA DO-326A, RTCA DO-356A, RTCA DO-355A, CUI Registry, DCSA eMASS
1mo
Save
Mark Applied
Hide
Sr. Lead, Sustainability Assurance, WW Sustainability
Seattle or Arlington or New York or San Francisco
$140k-$208k/yr OnsiteFull Time
Amazon
AmazonNASDAQ: AMZN: Global online retail and cloud computing technology provider.
7+ YOE7+ years finance/accounting experience with process improvement and automation; 5+ years financial analysis and cross-functional leadership; bachelor’s in accounting or related field (or equivalent); strong knowledge of assurance standards and sustainability reporting.
AICPA, ISSA 5000, CSRD, ISSB, GRC
2w
Save
Mark Applied
Hide
Cyber and Technology Risk Analyst - Lead Consultant
Illinois or San Francisco or Los Angeles or Indiana
$91k-$154k/yr HybridFull Time
Allstate
AllstateNYSE: ALL: Provides insurance products for vehicles, homes, and businesses.
4+ YOEMinimum 4 years in cyber/technology risk management; expertise with MITRE ATT&CK, threat modeling, cloud and infrastructure, risk assessments, strong analytical and communication skills; relevant security certs preferred.
MITRE ATT&CK Framework, GRC Platform, Identity Access Management (IAM)
2mo
Save
Mark Applied
Hide
Compliance Manager
Chicago or Dallas or Los Angeles or Minneapolis or New York City or San Francisco or Seattle
$161k-$190k/yr HybridFull Time
West Monroe
West Monroe: Business and technology consultancy specializing in digital transformation.
8+ YOE8+ years in cybersecurity governance, risk or compliance; lead enterprise programs; audits; vendor risk; GRC tools; strong communication.
Drata, ServiceNow GRC, IAM, Jira
2mo
Save
Mark Applied
Hide
Manager
San Jose, California, United States
$150k-$182k/yr RemoteFull Time
Uniqus Consultech
Uniqus Consultech: Tech-enabled consulting for finance, risk, and sustainability.
5+ YOE3+ MgmtBachelor’s degree in Accounting; 5+ years in SOX, internal controls, GRC tools; ERM, IFRS/US GAAP; travel up to 30%; lead teams.
Archer, Workiva, Power BI
1w
Save
Mark Applied
Hide
Governance, Risk & Compliance Analyst
San Francisco, California, United States
$200k-$220k/yr OnsiteFull Time
Perplexity
Perplexity: AI-powered search engine providing conversational answers with citations.
6+ YOE6+ years leading audit and compliance engagements; experience with SOC2/ISO27001/HIPAA, GDPR/CCPA/CPRA; building GRC tooling and automation; strong communication and cross-functional collaboration skills.