GRC Program Manager

GRC Program Manager responsible for building and operating Deputy’s integrated governance program across Security, Privacy, AI Governance, and Data Governance. Lead audits and remediation for ISO 27001, SOC2, PCI-DSS, and emerging standards, while creating and maintaining policies related to data protection and privacy-by-design. Collaborate with product and engineering lifecycles, drive risk assessments, and enable business growth through compliant, AI-enabled governance workflows. Requires 5+ years in GRC within a fast-paced SaaS environment, strong framework expertise (ISO 27001, SOC2, PCI-DSS, ISO 42001), and excellent communication to influence cross-functional teams. Nice-to-have certifications (CISSP, CIPP/E, CIPM, CISA, CISM, CRISC). Locations include Sydney (HYBRID) and US-wide remote opportunity.