Director, GRC

Bloomreach is building the world’s premier agentic platform for personalization.We’re revolutionizing how businesses connect with their customers, building and deploying AI agents to personalize the entire customer journey.

• We're taking autonomous search mainstream, making product discovery more intuitive and conversational for customers, and more profitable for businesses.
• We’re making conversational shopping a reality, connecting every shopper with tailored guidance and product expertise — available on demand, at every touchpoint in their journey.
• We're designing the future of autonomous marketing, taking the work out of workflows, and reclaiming the creative, strategic, and customer-first work marketers were always meant to do.

And we're building all of that on the intelligence of a single AI engine — Loomi AI — so that personalization isn't only autonomous…it's also consistent.From retail to financial services, hospitality to gaming, businesses use Bloomreach to drive higher growth and lasting loyalty. We power personalization for more than 1,400 global brands, including American Eagle, Sonepar, and Pandora.Become the Head of GRC for Bloomreach! You will lead our Governance, Risk, and Compliance team. Our company provides the best digital experience for the top international e-commerce companies. Your work will impact hundreds of millions of consumers in the online space. You will work in one of our US offices or from home on a full-time basis, and be part of the GIST (Global Information Security & Technology) group.   Responsibilities:

• Design, deploy and lead the operations of a multi-year roadmap for the GRC programs
• Own and scale our policy and control framework supporting various compliance frameworks including ISO 27001 and SOC 2
• Build trust with our customers, by responding to customer security, and compliance questionnaires, and represent GRC on customer calls
• Improve third-party risk management processes and develop a comprehensive third-party risk management program
• Develop and implement robust Business Continuity Planning (BCP) programs
• Coach, educate, and engage Bloomreach employees across all teams and help drive security and privacy awareness and a culture of trust and compliance

Requirements:

• 7+ years of proven experience in the GRC, internal audits, security, or privacy space
• 3+ years of experience hiring, building and managing a team
• Strong leadership skills
• Excellent collaboration, communication, interpersonal, and issue resolution abilities
• Experience with risk management and compliance frameworks, including related regulatory and IT compliance requirements (e.g., SOC 2, NIST 800-53, ISO 27001)
• Significant experience in performing, running and executing audits, certification programs, and control assessments
• Experience working with Cloud technologies (e.g., AWS, GCP)
• Experience in the areas of policy governance, third party or vendor risk management, incident response, and business continuity planning

#LI-HO1

The pay range actually offered will take into account a variety of potential factors considered in compensation, including but not limited to skills, qualifications, geographic location, accomplishments, experience, credentials, internal equity and business needs, and may vary from the range listed above.Base Salary Range$180,000—$200,000 USD

More things you'll like about Bloomreach:

Culture:

• A great deal of freedom and trust. At Bloomreach we don’t clock in and out, and we have neither corporate rules nor long approval processes. This freedom goes hand in hand with responsibility. We are interested in results from day one. 
• We have defined our 5 values and the 10 underlying key behaviors that we strongly believe in. We can only succeed if everyone lives these behaviors day to day. We've embedded them in our processes like recruitment, onboarding, feedback, personal development, performance review and internal communication. 
• We believe in flexible working hours to accommodate your working style.
• We work virtual-first with several Bloomreach Hubs available across three continents.
• We organize company events to experience the global spirit of the company and get excited about what's ahead.
• We encourage and support our employees to engage in volunteering activities - every Bloomreacher can take 5 paid days off to volunteer*.
• The Bloomreach Glassdoor page elaborates on our stellar 4.4/5 rating. The Bloomreach Comparably page Culture score is even higher at 4.9/5

Personal Development:

• We have a People Development Program -- participating in personal development workshops on various topics run by experts from inside the company. We are continuously developing & updating competency maps for select functions.
• Our resident communication coach Ivo Večeřa is available to help navigate work-related communications & decision-making challenges.*
• Our managers are strongly encouraged to participate in the Leader Development Program to develop in the areas we consider essential for any leader. The program includes regular comprehensive feedback, consultations with a coach and follow-up check-ins.
• Bloomreachers utilize the $1,500 professional education budget on an annual basis to purchase education products (books, courses, certifications, etc.)*

Well-being:

• The Employee Assistance Program -- with counselors -- is available for non-work-related challenges.*
• Subscription to Calm - sleep and meditation app.*
• We organize ‘DisConnect’ days where Bloomreachers globally enjoy one additional day off each quarter, allowing us to unwind together and focus on activities away from the screen with our loved ones.
• We facilitate sports, yoga, and meditation opportunities for each other.
• Extended parental leave up to 26 calendar weeks for Primary Caregivers.*

Compensation:

• Restricted Stock Units or Stock Options are granted depending on a team member’s role, seniority, and location.*
• Everyone gets to participate in the company's success through the company performance bonus.*
• We offer an employee referral bonus of up to $3,000 paid out immediately after the new hire starts.
• We reward & celebrate work anniversaries -- Bloomversaries!*

(*Subject to employment type. Interns are exempt from marked benefits, usually for the first 6 months.)

Excited? Join us and transform the future of commerce experiences!

If this position doesn't suit you, but you know someone who might be a great fit, share it - we will be very grateful!

Any unsolicited resumes/candidate profiles submitted through our website or to personal email accounts of employees of Bloomreach are considered property of Bloomreach and are not subject to payment of agency fees.

#LI-Remote