Dremio · 1 day ago
Director, Head of Governance, Risk & Compliance (GRC)
Dremio is the unified lakehouse platform for self-service analytics and AI, serving hundreds of global enterprises. They are seeking a Director, Head of Governance, Risk & Compliance (GRC) to lead efforts in building a secure and compliant operating foundation, overseeing GRC and IT functions while partnering with various teams to ensure compliance and security are integrated into their operations.
Analytics, Big Data, Business Intelligence, Machine Learning, Software
Responsibilities
Build and oversee the company’s enterprise-wide GRC framework, integrating risk, compliance, IT, and security disciplines
Partner with Finance, Legal, and Product teams to align governance and control frameworks with business objectives and growth strategy
Maintain a comprehensive enterprise risk register, performing ongoing assessments and scenario planning to inform leadership and board discussions
Ensure consistent documentation, evidence gathering, and audit readiness for key frameworks (SOC 2, ISO 27001, GDPR, CCPA, PCI, FedRAMP, etc.)
Lead the IT and Security teams, driving a unified approach to infrastructure resilience, data protection, and compliance control implementation
Define and manage the Security Incident Management process, ensuring timely response, root cause analysis, and corrective actions
Oversee the design and implementation of key security capabilities such as key management, encryption, data masking, and access control
Stay current on emerging security threats and evolving cloud risks, applying insights to improve company posture and preparedness
Serve as a key business partner to Engineering, Product, and Security Architecture, ensuring compliance and risk management are built into software development lifecycles
Define, review, and refine compliance-related epics, user stories, and acceptance criteria in partnership with Product teams
Develop and communicate a multi-period security and compliance roadmap, aligned with company product releases and customer expectations
Collaborate with engineers to create repeatable, auditable compliance artifacts and automated control testing processes
Participate in architecture design discussions to identify and mitigate security and compliance risks in new solutions
Oversee external and internal audit cycles, including SOC 2 Type 2, ISO 27001, and HIPAA readiness and remediation
Partner with external auditors and assessors to coordinate documentation, testing, and corrective actions
Ensure GRC tools and processes are streamlined, automated, and well-documented for efficiency and scalability
Lead company-wide compliance and ethics programs, including Code of Conduct, training, and reporting mechanisms as they relate to information security
Build a culture of proactive risk awareness, transparency, and continuous improvement across all departments
Provide regular briefings to the executive team and Audit Committee on key risks, compliance status, and mitigation efforts
Qualification
Required
Bachelor's or Master's degree in Computer Science, Information Security, or related field
8-10 years of progressive experience in GRC, IT Security, or compliance, with at least 3+ years in a leadership role within a software, SaaS, or cloud-based company
Strong understanding of cloud architectures and modern DevSecOps practices, including secure software development and CI/CD pipeline controls
Deep knowledge of compliance frameworks including SOC 2, ISO 27001, NIST, GDPR, CCPA, PCI, and related security standards
Proven ability to collaborate with Engineering and Product teams to translate compliance requirements into practical, sustainable controls
Strong risk assessment, audit management, and project management skills
Excellent communicator capable of simplifying complex technical and regulatory topics for executive and cross-functional audiences
Preferred
Professional certifications such as CISA, CISSP, CRISC, CISM, or CCEP
Experience implementing or managing GRC tools, control automation, or compliance monitoring systems
Customer-facing experience supporting security and compliance reviews
Benefits
Medical, dental and vision insurance
401(k) Plan
Short term / long term disability and life insurance
Pre-IPO stock options
Flexible PTO
16 hours of volunteer time off
12 company paid holidays, including Juneteenth
Remote work options
Paid parental leave
Employee Assistance Program (EAP)
Biannual swag surprise
Company
Dremio
The Intelligent Lakehouse Platform
H1B Sponsorship
Dremio has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Trends of Total Sponsorships
2025 (7)
2024 (9)
2023 (9)
2022 (19)
2021 (12)
2020 (3)
Funding
Current Stage: Late Stage
Total Funding: $410M
Key Investors: Adams Street Partners, Sapphire Ventures, Insight Partners
2022-01-25 Series E · $160M
2021-01-06 Series D · $135M
2020-03-26 Series C · $70M
Recent News
Best Data Management Software, Vendors and Data Science Platforms
2025-12-13
Company data provided by Crunchbase