Governance, Risk, and Compliance (GRC) Lead
Remote – Poland
Zowie
Zowie’s AI revolutionizes customer service by automating complex workflows, delivering precise responses, and enhancing satisfaction across channels. Achieve seamless scaling, cost efficiency, and loyal customer relationships with intelligent...
About Zowie:At Zowie, we’re revolutionizing how businesses interact with their customers. We’re creating a future where AI Agents handle 100% of customer service interactions—delivering instant, personalized, and exceptional experiences.
We believe AI Agents represent the next major technological shift, and Zowie is positioned to lead the charge. Leading consumer brands like GetYourGuide, DocMorris, Monos, Monica Vinader, Decathlon, Media Markt already trust our AI Agents to be on the front line of their customer care efforts, handling millions of conversations monthly.
This is a foundational role at Zowie - as Governance, Risk, and Compliance (GRC) Lead, you will be responsible for building, implementing, and managing Zowie’s GRC program. You will ensure we meet our regulatory obligations, manage risks effectively, and maintain the trust of our customers by demonstrating a strong commitment to security and compliance. You will be the central point of contact for all GRC-related activities, working cross-functionally to embed best practices throughout the organization.
As a GRC Lead at Zowie, you'll have:- The opportunity to build and own the GRC function in a rapidly growing AI company in the enterprise B2B space.- Direct impact on the company's ability to scale, secure enterprise clients, and build trust.- Collaborative and innovative work environment in a company positioned on the cutting edge of innovation in enterprise AI applications.
Sounds interesting? Let's have a conversation!
We believe AI Agents represent the next major technological shift, and Zowie is positioned to lead the charge. Leading consumer brands like GetYourGuide, DocMorris, Monos, Monica Vinader, Decathlon, Media Markt already trust our AI Agents to be on the front line of their customer care efforts, handling millions of conversations monthly.
This is a foundational role at Zowie - as Governance, Risk, and Compliance (GRC) Lead, you will be responsible for building, implementing, and managing Zowie’s GRC program. You will ensure we meet our regulatory obligations, manage risks effectively, and maintain the trust of our customers by demonstrating a strong commitment to security and compliance. You will be the central point of contact for all GRC-related activities, working cross-functionally to embed best practices throughout the organization.
As a GRC Lead at Zowie, you'll have:- The opportunity to build and own the GRC function in a rapidly growing AI company in the enterprise B2B space.- Direct impact on the company's ability to scale, secure enterprise clients, and build trust.- Collaborative and innovative work environment in a company positioned on the cutting edge of innovation in enterprise AI applications.
Sounds interesting? Let's have a conversation!
What you'll do:
- Governance, Risk and Compliance Program Development & Implementation: Take ownership of Zowie’s existing GRC program, including its strategy, framework, policies, standards, and procedures, and drive its continuous improvement and adaptation to our B2B SaaS environment.
- Compliance Management: Lead and manage compliance efforts for key industry frameworks and regulations, including but not limited to: SOC 2 Type 2, GDPR, HIPAA, DORA (Digital Operational Resilience Act).
- Audit Oversight: Plan, coordinate, and oversee internal and external audits (e.g., SOC 2). Act as the primary point of contact for external auditors. Manage the collection of audit evidence and coordinate remediation efforts for any identified findings.
- Coordination of security questionnaires and due diligence requests: Develop and manage a streamlined process for responding to customer and prospect security questionnaires and due diligence requests. Maintain a knowledge base of security and compliance information to support the sales process.
- Risk Management: Maintain Zowie’s risk register. Work with stakeholders to identify, assess, treat, and monitor risks across the organization. Report on risk posture to leadership.
- Incident Management and Business Continuity: Oversee and contribute to the development, implementation, and testing of Zowie’s incident management framework, ensuring alignment with compliance obligations (e.g., GDPR breach notification, DORA ICT incident reporting). Play a key role in the maintenance, testing, and continuous improvement of Zowie’s Business Continuity and Disaster Recovery (BCDR) plans.
- Policy & Documentation Management: develop, review, and update information security policies and procedures to ensure they are current, effective, and well-communicated.
- Stakeholder Reporting & Communication: manage and fulfill reporting responsibilities regarding GRC matters to customers, regulatory bodies, and internal stakeholders, ensuring transparency and compliance.
- Cross-Functional Collaboration: work closely with Engineering, Product, Sales, Legal, HR, and other teams to integrate GRC principles into their processes. Provide GRC expertise and guidance to internal stakeholders.
- Vendor Risk Management: Take ownership of Zowie’s vendor risk management program.
Ideally, you'll bring with you:
- Builder Mentality: You are excited by the opportunity to build and shape a GRC program from the ground up. You are proactive, resourceful, and can operate effectively in an environment where processes are still being defined.
- Strong Sense of Ownership: You take full responsibility for your work, see tasks through to completion, and are committed to achieving successful outcomes for the GRC program and the company.
- AI native: You incorporate AI into your daily work, allowing you to achieve unparalleled productivity.
- Exceptional Prioritization Skills: You can navigate a complex landscape of requirements, understand business objectives, and prioritize GRC efforts to deliver maximum impact.
- Strong Communication & Collaboration: You can clearly articulate complex GRC concepts to diverse audiences (technical and non-technical) and build strong working relationships across all levels of the organization to foster a culture of compliance.
- Pragmatism & Business Acumen: You understand the realities of a growing SaaS business and can implement robust GRC controls in a practical way that supports, rather than hinders, business agility and innovation.
- Sufficient Technical Aptitude: You possess a good understanding of SaaS architecture, cloud environments (e.g., AWS, Azure, GCP), and general IT concepts to effectively assess risks and controls.
- Relevant Experience: You have a proven track record in similar GRC roles, ideally within B2B SaaS companies, and direct experience with the frameworks critical to Zowie.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Job stats:
11
1
0
Categories:
Compliance Jobs
Leadership Jobs
Tags: Audits AWS Azure Cloud Compliance GCP GDPR Governance HIPAA Risk management SaaS SOC SOC 2 Strategy
Perks/benefits: Career development Startup environment Team events Transparency
Regions:
Remote/Anywhere
Europe
Country:
Poland
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.
Information System Security Officer jobsIT Security Analyst jobsSecurity Operations Engineer jobsSenior Cybersecurity Engineer jobsSenior Cloud Security Engineer jobsSenior Security Analyst jobsSenior Information Security Analyst jobsCyber Security Specialist jobsInformation Security Manager jobsSenior Product Security Engineer jobsSenior Network Security Engineer jobsSecurity Consultant jobsSenior Information Security Engineer jobsInformation System Security Officer (ISSO) jobsChief Information Security Officer jobsInformation Systems Security Engineer jobsSecurity Specialist jobsSenior Cyber Security Engineer jobsIT Security Engineer jobsCyber Threat Intelligence Analyst jobsSecurity Operations Analyst jobsSenior Software Engineer jobsSenior IT Auditor jobsCybersecurity Specialist jobsNetwork Engineer jobs
Bash jobsCEH jobsTS/SCI jobsEncryption jobsEDR jobsSDLC jobsSplunk jobsThreat detection jobsMalware jobsRMF jobsTerraform jobsFinance jobsIDS jobsSQL jobsTop Secret jobsCompTIA jobsForensics jobsITIL jobsIPS jobsSOC 2 jobsOWASP jobsActive Directory jobsDocker jobsClearance Required jobsGIAC jobs
CRISC jobsIntrusion detection jobsTCP/IP jobsOSCP jobsAnsible jobsHIPAA jobsVPN jobsMITRE ATT&CK jobsDoDD 8570 jobsZero Trust jobsData Analytics jobsJavaScript jobsSOAR jobsCCSP jobsSOX jobsBanking jobsIT infrastructure jobsJira jobsUNIX jobsDNS jobsIndustrial jobsNIST 800-53 jobsKPIs jobsCISO jobsMachine Learning jobs