Global GRC Lead

About Monte Carlo

As businesses increasingly rely on data + AI for competitive advantage, reliability has become a non-negotiable. Named a CBInsights AI100 company and described by Forbes as the "New Relic for data", Monte Carlo supports some of the world's most prestigious companies, including Fox, Roche, Honeywell, and CreditKarma to deliver trustworthy data + AI at scale.

Backed by Accel, Redpoint Ventures, Notable Capital, ICONIQ Growth, and Salesforce Ventures, Monte Carlo is powering the future of reliable data + AI.

You'll join the SCI (Security, Compliance, IT) team, reporting to the CISO, who reports to the CTO and Co-founder. The GRC function owns our multi-framework compliance program (SOC 2, ISO 27001/27017/27018) and partners closely with Security, Engineering, Legal, and GTM to enable enterprise sales through trust and transparency.

Monte Carlo is seeking our first Global GRC Manager to lead our compliance efforts in a cloud-first environment. You’ll be instrumental in driving our governance, risk, and compliance initiatives and ensuring we continue to meet our customer, industry, and regulatory requirements. In this role, you will engage with customers, vendors, and internal stakeholders to oversee a wide array of compliance activities and security reviews. Although this is an individual contributor position, you will serve as a lead in your domain, leveraging your expertise to collaborate across the organization and drive critical initiatives.

• Manage and respond to customer security reviews, questionnaires, and audits

• Serve as the primary liaison for security-related inquiries from prospects, customers, and partners

• Oversee ongoing compliance initiatives (SOC 2, ISO 27001, 27017, 27018, GDPR etc.) and maintain the risk register

• Collaborate with cross-functional teams (Engineering, Sales, Product, HR) on risk management strategies

• Evaluate third-party vendors, manage due diligence processes, and coordinate remediation actions

• Develop, refine, and maintain security and compliance policies, procedures, and standards

• Support and promote security awareness initiatives, including employee training and phishing simulations

• Lead and coordinate internal and external audits, ensuring continuous improvement in controls

• Deep GRC Expertise: You have extensive knowledge of common frameworks (SOC 2, ISO 27001, NIST, GDPR, etc.) and experience managing end-to-end audit processes.

• Strong Communication Skills: You translate security jargon into business language and effectively manage customer and vendor communications.

• Risk Management Mindset: You can balance business objectives with security requirements, prioritizing risk mitigation in a way that aligns with company goals.

• Team Player: You thrive in cross-functional environments, effectively collaborating with engineering, legal, product, and other teams.

• Adaptability: You flourish in a fast-paced environment, pivoting quickly when new threats, requirements, or business needs emerge.

• 5+ years of experience in a GRC or compliance-focused role, ideally in a SaaS or technology company.

• Proven track record of managing third-party risk assessments, vendor security reviews, and compliance audits.

• Expertise in compliance frameworks such as SOC 1/2, ISO 27001| 27017 | 27018 | 27701 | 42001, and GDPR

• Relevant certifications (e.g., CISA, CISSP, CRISC, or CISM) are highly desirable.

• Excellent written and verbal communication skills with a strong attention to detail.

• Bachelor’s degree in Information Security, Cybersecurity, or a related field (or equivalent experience).

• High Impact: Build and scale the compliance program for a high-growth data platform serving enterprise customers.

• True Ownership: Own audit cycles end-to-end (SOC 2, SOC 1, ISO) with direct access to executive leadership and minimal red tape.

• Complex & Evolving: Navigate multi-framework compliance (SOC, ISO, customer security requirements) in a rapidly changing regulatory landscape.

• Strong Security Culture: Partner with Engineering, Product Security, and GTM teams who understand that compliance enables business, not blocks it.

• Remote-First: Work from anywhere in the Americas while being part of a lean, high-trust SCI team.

• Career Growth: Shape the compliance foundation at a category-defining company backed by strong momentum and sophisticated customers.

#LI-REMOTE

#BI-REMOTE

Come As You Are

Equality is a core tenet of Monte Carlo's culture. We are committed to building an inclusive global team that represents a variety of backgrounds, perspectives, beliefs, and experiences. 

Monte Carlo is an equal-opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.

We are proud to be recognized for our world-class employee experience:

Monte Carlo Named 2025 Databricks Data Governance Partner of the Year

We were recently recognized as the #1 Data Observability Platform by G2 for the 4th consecutive quarter. See our G2 reviews here!

Monte Carlo Named to G2's Best Software Products of 2026

Monte Carlo was featured on Database Trends and Applications (DBTA’s) Trend-Setting Products for 2025!

We are super proud to be named the 2026 Best Place to Work by Built In!

Beware of Imposter Recruiters and Job Scams

• All official communication from our recruiting team will come from an @montecarlodata.com email address.

• We will never ask candidates to provide sensitive personal information (such as bank details, social security numbers, or payment) at any stage of the recruitment process.

• We will never request payment for equipment, training, or application processing.

• Our open positions are always listed on our official careers page: https://jobs.ashbyhq.com/montecarlodata.

If you are contacted by someone claiming to represent Monte Carlo but you’re unsure of their legitimacy, please reach out to us directly at [email protected] before sharing any personal information.