Governance, Risk and Compliance (GRC) Manager at CircleCI

| Greater Boston Area
Sorry, this job was removed at 11:33 a.m. (EST) on Saturday, April 18, 2020
Find out who's hiring in Boston.
See all Operations jobs in Boston
Apply now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.

Reporting to the head of security, the Governance, Risk and Compliance Manager will define, scale and oversee company-wide programs that build customer confidence, enable CircleCI operations to grow with minimal friction and ensure the company meets its third-party audit obligations. Specific domain ownership will include FedRAMP, SOC 2, GDPR/CCPA, Privacy Shield, SOX, IT controls, customer audits, legal liaison and day-to-day support for security. 

What you'll do:
  • Sales Engineering:
    • Coordinate responses to security questionnaires.
    • Lead internal project management for customer audits.
    • Consult with Product on features that will build customer trust.
    • Answer customer technical questions during the sales process.
  • Governance
    • Manage all internal policies
    • Consult on Identify and Access Management
    • Optimize operational workflows and processes
    • Control structure for IT assets that meets the needs of auditors and regulators
    • Oversee monthly audits and evidence collection for summer audit season
    • Assist Legal with data privacy compliance 
  • Risk
    • Incident response work and planning
    • Work with engineering to mitigate results of annual Risk Assessment
    • Lead quarterly ISMS Committee meetings
    • Conduct vendor security assessments for IT
    • Main internal consultant across all five departments for risk analysis 
  • Compliance: 
    • Schedule and manage events multiple quarters in advance
    • Coordinate all the dependencies of a deliverable action across teams
    • Main point of contact for auditors and federal regulators
    • Provide concise reports to management
    • Soc 2: Own the ongoing compliance, evidence collection and all processes including annual audits
    • FedRAMP: Own the ongoing compliance requirements, annual rewrite of Appendix B, and analyze system changes for filing Significant Change Requests
    • Privacy Compliance: Work with Legal and Engineering on GDPR and CCPA
What we're looking for:
  • Security mindset
  • Strong analytical skills
  • Excellent communication skills
  • Calm under high-pressure situations
  • Comfortable writing and managing large technical documents
  • Ability to work easily across every department in the company
  • Passionate for translating technical concepts into clear, simple terms
  • Ability to manage customer demands and work with internal stakeholders to solve them
  • Experience with SaaS, infrastructure and modern distributed systems
  • Demonstrated ability to lead multiple, complex projects simultaneously
  • Technical proficiency about CircleCI’s product, customer needs and audit requirements
How to apply

Submit your application online via the Apply Now button. Please include a cover letter that describes why you're interested in working for CircleCI and summarize how your experience and career goals fit the qualifications for the position. 

We know there’s no such thing as a “perfect” candidate - we’re all a work in progress and are growing new skills and capabilities all the time. CircleCI welcomes those who are enthusiastic about learning and evolving, so however you identify and whatever your background, if this looks like a role where you could do work that excites you, we hope you’ll apply.

About CircleCI
CircleCI is the world’s largest shared continuous integration and continuous delivery (CI/CD) platform, and the central hub where code moves from idea to delivery. As one of the most-used DevOps tools that processes more than 1 million builds a day, CircleCI has unique access to data on how engineering teams work, and how their code runs. Companies like Spotify, Coinbase, Stitch Fix, and BuzzFeed use us to improve engineering team productivity, release better products, and get to market faster.
Founded in 2011 and headquartered in downtown San Francisco with a global, remote workforce, CircleCI is venture-backed by IVP, Sapphire Ventures, Owl Rock, NextEquity Partners, Scale Venture Partners, Threshold Ventures, Baseline Ventures, Top Tier Capital Partners, Industry Ventures, Heavybit, and Harrison Metal Capital. Learn more at
CircleCI is proud to be an Equal Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law.
Read Full Job Description
Apply now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.


Boston, MA

What are CircleCI Perks + Benefits

Friends outside of work
Eat lunch together
Open door policy
Team owned deliverables
Team based strategic planning
Group brainstorming sessions
Open office floor plan
Unconscious bias training
Health Insurance & Wellness Benefits
Flexible Spending Account (FSA)
Disability Insurance
Dental Benefits
Vision Benefits
Health Insurance Benefits
Retirement & Stock Options Benefits
Company Equity
Performance Bonus
Child Care & Parental Leave Benefits
Generous Parental Leave
Remote Work Program
Vacation & Time Off Benefits
Unlimited Vacation Policy
Perks & Discounts
Commuter Benefits
Company Outings
Free Daily Meals
Stocked Kitchen
Happy Hours
Professional Development Benefits
Promote from within
Continuing Education stipend
More Jobs at CircleCI1 open job
All Jobs
Apply now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.
Save jobView CircleCI's full profileSee more CircleCI jobs