***Must be local to NYC, Norwalk CT, Atlanta GA, or Lafayette CA.***

We are looking for a Governance Risk and Compliance (GRC) Manager to join our rapidly growing company in support of multiple SaaS applications.

The GRC Manager will be responsible for overseeing all aspects of regulatory compliance, risk management, and data privacy within the organization. This role will require a deep understanding of GDPR, CCPA, SOC2, Data Privacy, and other relevant regulations and standards, as well as the ability to develop and implement effective compliance programs and processes.

Key Responsibilities

GDPR/CCPA Compliance:

• Monitor regulatory developments related to GDPR, CCPA, and other privacy laws.
• Conduct regular audits to ensure compliance with GDPR, CCPA, and other relevant regulations.
• Develop and implement policies and procedures to address data privacy requirements.
• Collaborate with cross-functional teams to ensure alignment with privacy regulations in product development, marketing, and other areas.

Manage Certification Renewal (SOC2):

• Oversee the renewal process for SOC2 certification.
• Work closely with internal and external stakeholders to gather necessary documentation and evidence.
• Coordinate with auditors to facilitate the SOC2 audit process.
• Implement improvements based on audit findings to maintain compliance with SOC2 requirements.

Implementation of a Privacy Program:

• Develop and implement a comprehensive privacy program aligned with industry standards and best practices.
• Conduct privacy impact assessments and gap analyses to identify areas for improvement.
• Provide guidance and training to employees on privacy policies and procedures.
• Monitor and assess the effectiveness of the privacy program and make recommendations for enhancements as needed.

Acting Data Privacy Officer:

• Serve as the primary point of contact for privacy-related inquiries and incidents.
• Investigate and respond to data privacy complaints and breaches in accordance with regulatory requirements.
• Collaborate with legal counsel to address privacy-related legal issues and obligations.
• Maintain records of data processing activities and ensure compliance with data subject rights requests.

Customer Security and Compliance Questionnaires:

• Manage the completion of customer security and compliance questionnaires.
• Coordinate with internal teams to gather accurate and timely responses to customer inquiries.
• Maintain a repository of standard responses and supporting documentation for use in questionnaires.
• Assist sales and account management teams in addressing customer concerns related to security and compliance.

About You

• Minimum of 3 years of experience in a GRC or similar role, preferably in the Recruiting/Recruitment Marketing industry.
• In-depth knowledge of GDPR, CCPA, SOC2, and other relevant regulations and standards.
• Strong analytical and problem-solving skills, with the ability to interpret complex regulatory requirements and apply them to practical business solutions.
• Excellent communication and interpersonal skills, with the ability to effectively collaborate with cross-functional teams and communicate complex concepts to non-technical stakeholders.
• Relevant certifications (e.g., CIPP, CISM, CISSP) are preferred.
• Experience with privacy management tools and software is a plus.

Joining Recruitics offers a unique opportunity to contribute to a dynamic and innovative organization committed to excellence in data privacy, security, and compliance. If you are passionate about ensuring the protection of sensitive information and maintaining regulatory compliance, we encourage you to apply for this exciting role.