Remote Legal Jobs • GRC

As a Senior Compliance and Risk Specialist at CBN, you will be responsible for leading compliance initiatives, conducting risk assessment and remediation activities, and developing security strategies for CBN systems deployed in Canada, the United States and Europe.

As an early member on the Trust team, you’ll have the unique opportunity to be the builder and driver of our dedicated, in-house security engineering efforts. You will be expected to build, extend, and connect Headway risk and compliance processes that scale with the business. You will partner closely with members of Security, IT, and Headway Engineering teams to ensure Headway prioritizes the most important risks and exceeds compliance expectations.

Vanta is looking for a GRC Subject Matter Expert to develop GRC solutions for federal and public sector customers, focusing on FedRAMP authorization and continuous monitoring. You will bridge Product Management, customers, and compliance stakeholders, ensuring solutions align with federal security and privacy frameworks. You will design and improve compliance content while shaping Vanta’s GRC product roadmap.

As the Manager, GRC and Privacy, you will be instrumental in enhancing and maintaining our integrated GRC and privacy program. You will be responsible for developing and implementing policies, procedures, and controls to ensure compliance with relevant regulations, industry standards, and customer requirements. This role requires a strong understanding of risk management principles, privacy laws, and the ability to translate complex requirements into practical and scalable solutions.

This high-visibility, high-impact role will require close partnerships with legal, product, policy, engineering, audit, and business teams. You will project manage highly cross-functional initiatives, develop remediation roadmaps to address compliance risks and implement monitoring mechanisms to ensure regulatory adherence across a range of offerings and products; build, operationalize, and scale DoorDash’s global compliance program strategy.

This role focuses on strengthening our privacy and security assurance capabilities at scale. The analyst will contribute to the design and execution of the company’s privacy roadmap, manage data subject access requests, support privacy impact assessments, and conduct vendor risk assessments. The position requires strong organizational skills and a passion for privacy programs, as well as familiarity with security/privacy compliance frameworks.