GRC Lead (Governance, Risk, and Compliance) at Replit

This role is for a seasoned security professional with at least eight years of experience who can bridge the gap between complex engineering architectures and regulatory frameworks. You need a background in automating audits—moving away from manual paperwork toward compliance-as-code—while managing a small team of specialists. **What makes it worth a look...** The compensation is high for a GRC role, reaching up to $300,000 plus equity and a 4% 401(k) match. You will get to build a modern risk program from the ground up at a high-growth AI platform, though you must be comfortable with a mandatory three-day-a-week hybrid schedule in Foster City. **You might be a good fit if you...** * Have managed SOC 2 and ISO 27001 audits within GCP or AWS environments. * Are comfortable using automation tools like Vanta or Drata to replace manual evidence collection. * Can talk through technical trade-offs with software architects without slowing down deployment. * Are interested in tackling emerging AI regulations like the EU AI Act.