SecurityGRCSpecialist

Profound is on a mission to help companies understand and control their AI presence. We are hiring a Security GRC Specialist to own and scale our security and compliance programs while working closely with engineering, sales, and customer success. Profound sells to enterprises with serious security expectations, and our GRC function is central to closing deals, sustaining customer trust, and meeting the regulatory bar for the markets we operate in. This is not a "watch the dashboard and file the report" role. You'll shape how we build secure systems, push remediation through with engineering, and make sure compliance accelerates the business rather than slowing it down. WHAT YOU'LL DO - Own and operate our compliance frameworks: SOC 2, ISO 27001, GDPR, and others as we grow - Drive audits end to end: readiness, evidence collection, auditor coordination - Continuously improve controls and reduce compliance overhead through automation - Lead responses to enterprise security questionnaires, RFPs, and due diligence requests - Partner with Sales and Customer Success to unblock deals and build trust with security teams at Fortune 500 customers - Develop and maintain our trust center, security whitepapers, and customer-facing documentation - Work directly with engineering to design and implement practical security controls across our cloud infrastructure, data pipelines, and customer-facing surfaces - Partner on identity and access work (SSO, SAML, SCIM, IdP integrations) where security, compliance, and customer-facing requirements intersect - Translate compliance requirements into technical, scalable solutions - Identify gaps and drive remediation, not just report them - Run risk assessments across systems, vendors, and processes - Maintain policies and standards that are lightweight, current, and actually useful - Track and report on our security posture and compliance status to leadership - Improve how we manage compliance: evidence collection, control mapping, automati