GRC Subject Matter Expert

Working at Thoropass

Thoropass makes it as easy to do the right thing as it is to check a box. Our team members believe that partnership lightens the load. Not everyone can be an expert at everything – lending each other support in areas of weakness strengthens everyone’s offering. We collaborate openly and enthusiastically; without ego. 

What We Do

At Thoropass, we’re compliance experts so you don’t have to be. Pairing easy software that’s always getting smarter with expert guidance and continuous monitoring, we integrate into your process to prepare you to pass any audit, every year, with flying colors. Hundreds of growing companies use Thoropass’s compliance automation platform, expert services, auditors and partner ecosystem to get and stay compliant over the lifetime of their business. We offer SOC 2, ISO 27001, GDPR, HIPAA, PCI DSS, and other infosec and privacy frameworks.

We are a rapidly expanding team based in New York. We were founded in May 2019 and raised our Series C funding in November 2022. Our top investors include: J.P. Morgan, PayPal Ventures, Fin Capital, Centana, and Bain Capital. We're growing customers and revenue dramatically and we’re poised for continued break-out growth in 2024 and beyond.

About the Job

Forget everything you think you know about governance, risk, and compliance (GRC). We’re on a mission to reinvent the outdated, clunky information security management process—and we’re doing it with cutting-edge AI, automation, and a relentless commitment to customer success.

As a GRC SME, you’ll sit at the intersection between product, sales, and our in house information security compliance experts, helping shape our framework roadmap and driving decisions on which compliance offerings we launch next. 

This isn’t your typical GRC job—it’s a chance to lead innovation, tackle complex challenges, and make a lasting impact on the industry.

What You’ll Do

In this role, you’ll combine your information security compliance expertise with a drive for innovation to launch compliance products and offerings. 

Here’s how you’ll make an impact:

• Deliver World-Class Framework offerings: Drive the implementation of our new information security framework offerings and ensure the accuracy, quality, and timely delivery of internal commitments. 
• Collaborate on Technology: Work closely with our technology team to refine, enhance, and implement our AI-powered compliance platform, ensuring it addresses real-world challenges and scales with our growth.
• Drive Efficiency: Build and implement processes that make it possible to launch compliance frameworks at scale.
• Enhance Customer Experience: Collaborate cross-functionally to improve the customer experience, making our platform more seamless and insightful.
• Be a Thought Leader: Provide expert guidance on information security frameworks and standards, while identifying opportunities for continuous improvement and innovation.

What You’ll Bring

We’re looking for innovators, problem solvers, and tech enthusiasts with the following experience and skills:

• Thinking outside the box: You want to do things differently.
• Operational Efficiency Mindset: You are always looking for ways to improve existing operations and tasks.
• Data Relationships: You have the willingness to learn and understand relationships between relational data sets.
• Sharp Mindset: You’re a quick learner with exceptional problem-solving skills, attention to detail, and analytical ability.
• Curiosity & Drive: Ability to work independently with minimal direction, and a genuine interest in solving problems and questioning the status quo.
• Compliance Experience: Experience working with information security and privacy frameworks and standards such as SOC 2, ISO series of standards, NIST CSF, NIST-800-53, PCI, HITRUST, C5, CSA Star, GDPR, CCPA, EU-U.S. DPF, etc. 

Why You’ll Love This Role

• Cutting-Edge Tech: Work with an AI-powered toolset designed to make your job easier and more impactful.
• Drive a New Compliance Experience: Support the development of new frameworks within the Thoropass platform which includes the actions required for customers to successfully implement and manage frameworks.
• Cross Functional Collaboration: Interface cross-functionally across the organization to help drive next steps for the team.

Compensation

• The salary range for this position is  $100,000 - $150,000 and will be based on experience and skill set
• Immediate access to health, dental, and vision care
• Early equity in a fast-growing company
• Hybrid work from home model
• Flexible PTO
• Stipend for home office equipment
• Monthly wellness stipend

Equal Opportunity

Thoropass provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.

This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.

Even if you feel you don’t meet every requirement, consider applying! Thoropass acknowledges the research which shows that women and people of color are less likely to apply for jobs when they don’t meet all of the stated qualifications. However, we’re looking for authentic innovators to blaze new trails and you just may be the right person for this or another role.