Portfolio Careers

GRC Lead

Nooks

Earth · Remote
Posted on Sep 30, 2025

Location

Any Location

Employment Type

Full time

Location Type

Remote

Department

Legal

About Nooks.ai:

Nooks is the AI Sales Assistant Platform (ASAP) that automates the busywork so reps can focus on the human part of selling and generate more sales pipeline. Nooks has helped thousands of sales reps hit quota, saved customers hundreds of thousands of hours, and powered hundreds of millions of dollars in pipeline. Nooks is loved by sales teams at companies like Hubspot, Rippling, and Toast, and hundreds more.

For more information, visit http://Nooks.ai.

About the Role:

We are seeking a skilled Governance, Risk, and Compliance (GRC) Lead with a minimum of 5 years of experience in GRC, information security, risk management, or compliance to join our team. In this role, you will help ensure that our organization maintains compliance with regulatory frameworks and manages enterprise risks effectively. You will work cross-functionally with Legal, Security, GTM, and Operations teams to strengthen our governance posture and mitigate risk across the business.

Key Responsibilities:

Governance & Policy Management

  • Maintain and update information security, privacy, and compliance policies.

  • Assist with policy governance and internal control documentation.

  • Administer and improve customer-facing GRC tools.

Risk Management

  • Lead and execute risk assessments, control testing, and remediation tracking across security, privacy, and operational domains.

Compliance Management

  • Manage adherence to regulatory standards such as ISO 27001, SOC 2, GDPR, CCPA and other emerging frameworks.

  • Oversee internal and external audits, evidence collection, and gap remediation.

Security Questionnaire Process Oversight

  • Lead and improve the process for responding to customer security questionnaires and RFPs, ensuring accuracy and consistency.

  • Develop standardized templates, maintain an updated knowledge base, and streamline workflows for faster, consistent responses.

Third-Party Risk Management

  • Conduct and oversee vendor and partner risk assessments, monitor subprocessor obligations, and maintain third-party risk dashboards.

Monitoring & Reporting

  • Develop and present dashboards and executive reports on enterprise risk, compliance health, and audit readiness.

Training & Awareness

  • Assist with the design, rollout, and tracking of security awareness and compliance training initiatives.

Required Qualifications:

  • Bachelor’s degree in Information Security, Risk Management, Business, or a related field (or equivalent experience).

  • Minimum of 5 years of experience in GRC, information security, risk management, or compliance roles.

  • Familiarity with industry frameworks and standards such as ISO 27001, SOC 2, GDPR, and CCPA.

  • Hands-on experience supporting audits and certifications against frameworks such as ISO 27001, SOC 2, GDPR, and CCPA.

  • Familiarity with compliance automation and customer trust platforms (e.g., Drata, Vanta, Safebase) and/or enterprise GRC platforms.

  • Strong analytical, organizational, and problem-solving skills.

  • Excellent written and verbal communication abilities for policy documentation and audit interactions.

Preferred Qualifications:

  • Professional certifications such as CISA, CRISC, ISO 27001 Lead Implementer, or similar.

  • Strong understanding of global privacy regulations (CCPA, GDPR).

  • Experience supporting compliance reviews or audits of AI-enabled products, including data governance, bias/risk assessments, or model transparency requirements.

  • Familiarity with AI governance frameworks (e.g., EU AI Act, NIST AI Risk Management Framework, ISO/IEC 42001) and experience assessing risks related to AI/ML systems.

What We Offer:

  • Competitive salary and benefits package.

  • Opportunity to work with cutting-edge technologies in a fast-growing organization.

  • A collaborative and security-first culture.

Equal Employment Opportunity Statement

Nooks is an equal opportunity employer committed to fostering a diverse and inclusive workforce. We believe in providing equal employment opportunities to all individuals regardless of race, color, religion, gender, gender identity, sexual orientation, national origin, age, disability, veteran status, or any other characteristic protected by law.

Nooks does not discriminate in hiring, promotion, compensation, or any other employment practices, and we are committed to ensuring a workplace that is free from discrimination, harassment, and retaliation. We encourage individuals from all backgrounds to apply and join our team.