Brex1 month ago

Senior GRC Lead

Brex

$153,600–$192,000 year

On-site · New York City, New York, United States or San Francisco, California, United States

New York City, New York, United States or San Francisco, California, United StatesOn-siteFull Time$153,600–$192,000 yearSenior LevelNot SpecifiedFintech PlatformLarge

Type

Full Time

Level

Senior Level

Education

Not Specified

Company size

Large

Industry

Fintech Platform

Job Summary

Senior GRC Lead responsible for bridging compliance expertise with technical execution. Design and automate GRC processes, build integrations between security tools and GRC platforms, and create scalable processes to maintain compliance as Brex expands into new markets. Develop and automate controls across SOC 2, PCI DSS, ISO 27001, and evolving AI governance requirements; support Trust Assurance and Third Party Risk Management; collaborate with Engineering, Infrastructure, and Product to translate regulatory requirements into technical controls and dashboards, and drive audits (SOC 2, PCI DSS, SOX/ITGC, FINRA, ISO). Utilize tools like Tines to automate security operations, implement AI governance frameworks, and deliver security metrics dashboards. The role emphasizes autonomy, cross-functional collaboration, and the delivery of scalable security and compliance solutions across a hybrid Seattle-based environment with periodic fully remote options. The compensation range is $153,600–$192,000 with potential equity; location hints include New York and San Francisco offices in the US.

Required Qualifications

5+ years of experience in GRC, IT Governance, or Security Engineering with a strong track record of automating manual compliance workflows
Deep experience with security frameworks such as SOC 2, PCI DSS, ISO 27001, and NIST CSF, specifically within cloud-native environments
Technical proficiency in Python (or similar scripting languages) and experience building integrations using APIs to connect security tools with GRC systems
Builder mindset with the ability to design and implement automated control testing, continuous monitoring, and data-driven security metrics
Exceptional cross-functional collaboration and communication skills, translating complex compliance requirements into technical specifications for engineering teams
Strong systems thinking with ability to design scalable GRC architectures that grow with the company
Bias for action and self-starter attitude

Apply with one swipe on Sorce. We auto-fill applications and apply on your behalf — no cover letters, no 40-minute forms.

Hiring someone like this?

Get your role in front of qualified candidates on Sorce.

Get started