Enterprise Risk Manager

at Groq
📍 World
USD 148,300-278,800 per year
MIDDLE
✅ Remote

Used Tools & Technologies

Not specified

Required Skills & Competences

Security @ 3, Tableau @ 2, Hiring @ 3, Communication @ 3, Mentoring @ 3, Prioritization @ 3, GDPR @ 3, Jira @ 2, ServiceNow @ 2, Reporting @ 3, Audit @ 3, Compliance @ 7

Details

Groq delivers fast, efficient AI inference. Our LPU-based system powers GroqCloud™, giving businesses and developers the speed and scale they need. From our Bay Area roots to our growing global presence, we are on a mission to make high performance AI compute more accessible and affordable.

Groq is seeking an Enterprise Risk Manager to lead and evolve Groq’s Information Security Risk Management program. This role will own risk lifecycle processes under the Information Security Management System (ISMS), support critical audits and assessments (ISO 27001, SOC 2, FedRAMP), and act as a central point of accountability for both internal and third-party risk identification, evaluation, and remediation. In the short term the role will focus on remediating and streamlining the Vendor Risk Management (VRM) process and mentoring a Risk & Policy Intern to help operationalize and scale documentation, control rationalization, and program visibility.

Responsibilities

  • Own and operate Groq’s ISMS-aligned risk management lifecycle, including risk identification, analysis, treatment planning, and exception handling
  • Lead the build-up and scaling of the Vendor Risk Management program, ensuring proper control mapping, ownership, and decision traceability
  • Facilitate quarterly risk reviews, manage the central risk register, and drive prioritization aligned to Groq’s enterprise risk appetite
  • Translate technical and operational risks into business-aligned impact assessments and escalation pathways
  • Collaborate with cross-functional stakeholders (Legal, Procurement, IT, Engineering, Security) to align on roles and expectations
  • Mentor and guide a Risk & Policy Intern, delegating documentation, intake, and reporting tasks while coaching on program strategy
  • Support internal audit readiness for risk-related controls across SOC 2, ISO 27001, FedRAMP, and ECC-1
  • Recommend and help implement tools or dashboards to improve risk visibility, VRM automation, and evidence traceability

Requirements

  • 7–10 years of experience in risk management, GRC, security compliance, or vendor trust programs — ideally in fast-scaling or regulated tech environments
  • Strong knowledge of information security frameworks (ISO 27001, NIST 800-53, SOC 2, FedRAMP)
  • Experience managing or improving third-party risk assessments (TPRA), supplier reviews, and contract workflows
  • Ability to guide risk decisions across stakeholders with varied technical depth and business priorities
  • Demonstrated success building or maturing enterprise risk programs and managing risk registers
  • Familiarity with tools such as Vanta GRC, ServiceNow GRC, ProcessUnity, Ariba, JIRA, Smartsheet, Confluence, or Tableau
  • Exceptional communication, stakeholder management, and mentoring skills

Bonus Points

  • Experience with AI/ML infrastructure, data sovereignty, or global regulatory compliance
  • Experience with hybrid systems containing both hardware components and software services
  • Previous success in applying automation, AI/ML, or self-service tooling to reduce risk ops overhead
  • Background in access remediation, contract lifecycle integration, or GRC process unification
  • Working knowledge of international privacy laws (GDPR, HIPAA, ECC-1)

Attributes of a Groqstar

  • Problem solver — leans into issue identification and resolution
  • Owner mentality — gets things done and raises the bar
  • Collaborative — egoless team player who makes others better
  • Growth mindset — curiosity and humility are key
  • Systems thinker — understands how components and people fit together
  • Bold and gritty — thinks big, executes quickly, and adapts fearlessly

Location

Groq is geo-agnostic — work from wherever you’re most effective. Exceptional candidates thrive in async collaboration environments. Some roles may require periodic travel or presence at primary sites.

Compensation

Base salary range (United States): $148,287 to $278,760. Actual compensation is determined by location, skills, qualifications, experience and internal benchmarks. Compensation for candidates outside the USA will be dependent on the local market. The role is part of a comprehensive compensation package that includes equity and benefits.

Equal Opportunity & Accessibility

Groq is an Equal Opportunity Employer and is committed to creating an inclusive environment for all employees and applicants. Groq is committed to working with and providing reasonable accommodations to qualified individuals with disabilities. For accommodation requests during the application or hiring process, contact [email protected] (accommodation requests only).