Used Tools & Technologies
Not specified
Required Skills & Competences
Security (3), GCP (2), AWS (2), Communication (3), Audit (3), Compliance (3), Salesforce (2)
Details
Collibra’s Governance, Risk, and Compliance (GRC) team is seeking a GRC Program Specialist with a technical background and audit experience to help strengthen and maintain Collibra’s control environment and risk posture. The role is hybrid and based in either the New York City office or the Raleigh office depending on candidate location. Where applicable, the hybrid model requires working from the office at least two days per week.
Responsibilities
- Develop and roll out policies, procedures, and processes.
- Execute periodic and continuous control monitoring activities, including user access reviews and third-party assessments, to ensure controls operate as intended.
- Support the risk and issue management lifecycle by collaborating with process and system owners to identify, track, and remediate security gaps.
- Coordinate evidence collection for external audits (e.g., SOC 2, ISO 27001) by partnering with stakeholders across the company to support audit processes and maintain compliance certifications.
- Manage vendor relationships and perform third-party assessments as part of vendor onboarding.
- Remediate audit findings and support external audits.
- Contribute to governance functions such as security awareness training and policy management.
- Administer day-to-day functions of GRC platforms to maintain a reliable source of truth for GRC activities.
Requirements
- Minimum 3 years of experience in public IT audit, internal audit, and/or compliance, ideally in a SaaS software environment.
- Familiarity with control testing and supporting technology audits; some exposure to cloud environments (AWS/GCP) or enterprise SaaS applications (Salesforce, Workday).
- Familiarity with at least one common control framework (e.g., SOC 2, ISO 27001, NIST CSF) through direct support of an audit or compliance program.
- Ability to discuss technical topics with cross-functional teams through clear written and verbal communication.
- Strong interpersonal skills to interact effectively with internal and external stakeholders.
- Bachelor's degree or equivalent related work experience is required.
- One or more of the following certifications is nice-to-have: CISA, CRISC, CISSP, CIA, CPA, etc.
- (For US non-federal postings) This position is not eligible for visa sponsorship.
Measures of success
- First month: Begin building relationships within the GRC team and across Collibra; start performing third-party assessments and supporting training processes.
- Third month: Perform continuous control monitoring and support recertification reviews and issue remediation activities.
- Sixth month: Help execute Collibra’s annual external audit program and support maintaining certifications.
Compensation
- Base salary range: $72,000 - $90,000 per year.
- This position is not eligible for additional commission-based compensation. Salary offers are based on experience, skills, and location.
- In addition to base salary, Collibra offers equity ownership, bonus potential, a Flex Fund monthly stipend, pension/401(k) plans, and other benefits.
Benefits
- Flexible benefits program built on competitive compensation, health coverage, and time off.
- Programs supporting diversity, equity, and inclusion.
- Equal opportunity employer and accommodations available for applicants who need them.