Your responsibilities will include managing policies, training, program elements, and risk framework disciplines, such as periodic regulatory and risk assessments, issues tracking and management, reporting and governance, and other aspects. You will also assist and, as appropriate, take lead on matters concerning business policies and procedures, regulatory matters including new rule proposals, existing and new products as well as reporting, operational, technological, and other issues in the business and functional areas.

Establishing positive, working relationships with Non-Financial Risk (NFR), COO, Operations, Technology, other Risk partners and other functional areas, such as Internal Audit, to collaborate on compliance solutions and manage risk issues is also a key aspect of this role. You will think and operate proactively and readily help stakeholders and the wider compliance department – locally and, as necessary, globally – on cross-collaborative efforts, including project work, controls, trainings, surveillance, and other needs (e.g., regulatory change, transformation).

You will have the opportunity to review and challenge on issues, projects/initiatives, responses to regulatory inquires and examinations and various other reporting and management information.

XML job scraping automation by YubHub

You will lead the GRC function at Scale, including compliance governance, compliance advisory, risk management, and regulatory compliance. You will manage and develop a team of compliance professionals spanning governance, assurance, and GRC engineering to build scalable systems and processes.

Key responsibilities include:

• Owning and maturing Scale's Enterprise Risk Management (ERM) program, including risk identification, assessment, mitigation, and reporting.
• Partnering with Legal, Security, Product, Engineering, and Operations, among other teams, to help guide Scale's growth in a highly scrutinized space.
• Owning or contributing to Scale's AI governance strategy, including monitoring and operationalizing emerging AI regulations (EU AI Act, NIST AI RMF, state AI laws).
• Helping set and drive vision for how GRC can not only help protect Scale, but serve as a differentiator and competitive advantage.
• Representing the team with internal and external stakeholders (partners, regulators, etc.).

Ideally, you'd have:

• 10+ years of progressive experience in GRC, compliance, or related legal/regulatory roles, with demonstrated success building or scaling compliance programs.
• Demonstrated success in building and leading high-quality compliance programs and teams.
• Experience designing and operating an Enterprise Risk Management program.
• Deep knowledge of applicable regulatory frameworks, including SOC 2, ISO 27001, FedRAMP, GDPR, and CPRA.
• Experience with U.S. Government contract compliance requirements (FAR, DFARS, NIST 800-171, CMMC).
• Proven track record of designing and maturing governance and internal control environments to support IPO readiness.
• Excellent communicator with the ability to break down complex requirements into easy-to-understand and practical systems.
• Thrive in fast-paced, high-growth environments with ambiguity and competing priorities.
• Love collaborating with talented professionals across many disciplines,product, design, security, engineering, marketing, and more.

Nice to haves:

• Experience with AI governance frameworks and emerging AI regulatory requirements.
• Experience building a compliance team that helped take a company public.
• Deep knowledge of DoD-specific compliance requirements and security frameworks.

XML job scraping automation by YubHub