Governance, Risk & Compliance Manager
Hybrid
Full Time
#Engineering
#GRC
#Security Compliance
#Risk Management
#Audit
#Internal Controls
#NIST CSF
#ISO27001
#SOC
At Litmus, we are transforming how organizations utilize machine data to drive operational excellence. As a growth-stage software company, we are at the forefront of the digital revolution, making Industry 4.0, Industrial IoT, and Edge Computing a reality for some of the world's most innovative companies. Having recently completed our Series B financing, we are expanding our team with talented individuals who are eager to shape the future of technology. We take pride in our collaborative culture and our ability to deliver results that earn the trust of industry leaders like Google, Dell, Intel, and Mitsubishi.
About the Role
We are seeking a Governance, Risk & Compliance Manager to join our team on a full-time basis. This senior-level position is essential for overseeing our security compliance programs and ensuring we maintain the highest standards of internal controls. You will work across our organization to bridge the gap between technical requirements and business objectives, helping us navigate a complex, multi-cloud environment.
Key Responsibilities
- Lead our efforts to achieve and maintain compliance with various security standards, including the proactive management of our ISO 27001 Information Security Management System.
- Oversee our compliance management systems, such as Drata, while monitoring adherence to internal information security policies and procedures.
- Develop and manage our vendor risk quantification program while serving as the primary subject matter expert for risk management principles across all business units.
Requirements
To be successful in this role, you should possess a strong background in security governance and risk management. We are looking for the following qualifications:
- A minimum of 5 years of experience in security governance, risk management, compliance, or audit, with 7 to 10 years of total professional experience.
- Deep knowledge of regulatory frameworks such as NIST CSF, ISO 27001, SOC, GxP, and GMP.
- Proven ability to manage compliance tools, perform technical risk assessments, and communicate effectively with both technical and executive stakeholders.
- Previous experience as a Qualified Security Assessor (QSA) or Internal Security Assessor (ISA) is highly valued.
- Strong analytical skills, including the ability to create metrics, dashboards, and documentation to support our security posture.
Location
This position is based in the United States.
Compensation and Benefits
We believe in fostering a flexible work environment to help our team members thrive. This role offers the following benefit:
- Hybrid work arrangements to support a healthy work-life balance.





