Senior Governance, Risk, and Compliance (GRC) Manager

Lehi, UT - USA

Monthly Salary: Not Disclosed

Posted on: 30+ days ago

Vacancies: 1 Vacancy

Job Summary

At Podium our mission is to arm every local business with a complete platform and outcome-driven AI employees that convert leads into real paying customers. Every day millions of workers use our AI lead conversion and communication platform to help them get more leads and make more money.

Our work and focus on helping local businesses thrive has been recognized across the industry including Forbes Next Billion Dollar Startups Forbes Cloud 100 the Inc. 5000 and Fast Companys Worlds Most Innovative Companies.

At Podium we believe in fostering a culture that thrives on hiring and developing exceptional talent. Our operating principles serve as a compass guiding daily behavior and decision-making and ensure we hire people who will thrive at Podium. If you resonate with our operating principles and are energized by our mission Podium will be a great place for you!

About the Role

We are seeking a Senior GRC Manager to build and lead our governance risk and compliance programs during a critical growth phase. This leader will drive proactive repeatable and scalable compliance and risk processes across the organization ensuring we meet customer regulatory and board expectations.

You will be responsible for defining the GRC strategy leading audits and certifications (SOC 2 Type 2 ISO 27001 etc.) overseeing vendor risk maturing our enterprise risk management function and ensuring our security and compliance programs are sustainable automated and aligned with business objectives.

This is a high-visibility leadership role that will partner across Security Legal IT Product/Engineering and Finance and will regularly engage with executives auditors and enterprise customers.

Responsibilities

Build and lead the GRC function - establish team structure processes and tools to scale compliance and governance programs.
Certifications & Audits - own SOC 2 Type 2 ISO 27001 and other certifications/regulatory assessments; serve as primary liaison with auditors.
Enterprise Risk Management - establish and maintain the enterprise risk register risk assessment process and reporting to executive leadership and the board.
Customer Trust - oversee customer security engagements (RFPs DDQs customer audits); build repeatable processes and knowledge base.
Vendor Risk Management - design and run the program for onboarding monitoring and offboarding third-party vendors and SaaS platforms.
Policy & Control Frameworks - maintain the information security policy set; map to compliance frameworks and ensure effective implementation across the org.
Metrics & Reporting - establish compliance and risk KPIs/metrics; provide regular reporting to executives.
Program & Project Management - ensure initiatives are planned tracked and delivered; reduce reliance on manual one-off processes.
Cross-functional Leadership - partner with Product Security SecOps Legal and IT to embed compliance and risk practices into daily workflows.

Qualifications

10 years of experience in Governance Risk and Compliance with at least 5 years in a leadership role.
Proven track record of building and scaling GRC programs in a mid-to-late stage SaaS company.
Deep understanding of SOC 2 ISO 27001 HIPAA and other compliance frameworks (PCI SOX a plus).
Strong grasp of enterprise risk management methodologies and reporting.
Experience leading audits and external assessments with regulators customers and auditors.
Excellent cross-functional collaboration skills; proven ability to influence without direct authority.
Strong project management and organizational skills; ability to drive multiple initiatives simultaneously.
Excellent written and verbal communication skills; comfortable presenting to executives auditors and customers.

Required Experience:

Manager