Sprinto logo
Sprinto

Sprinto helps SaaS companies become info-sec compliant, unblock sales deals, and pass security reviews easily

Senior GRC Consultant – Standard Frameworks

ComplianceComplianceFull TimeRemoteSeniorTeam 51-200Since 2020H1B No SponsorCompany SiteLinkedIn

Location

India

Posted

18 hours ago

Salary

0

Seniority

Senior

Professional Certificate5 yrs expEnglish

Job Description

Senior GRC Consultant – Standard Frameworks

Sprinto

• Own delivery for standard-framework engagements: ISO 27001 (implementation & surveillance), SOC 2 Type I/II readiness, GDPR, PCI DSS compliance programs, gap assessments, control/check mapping, internal audits, policy reviews, audit readiness support. • Run multiple concurrent client engagements to a consistent quality bar without close supervision. • Maintain and evolve templates, control-mapping libraries, workshop agendas, and QA rubrics for standard frameworks; keep them current as frameworks revise (ISO 27001:2022 transition-type updates, SOC 2 trust criteria changes, GDPR enforcement guidance). • Extend the library opportunistically to adjacent frameworks (HIPAA, PCI DSS, ISO 42001) as demand grows. • Define pricing/packaging for standard-framework engagements (fixed-fee tiers, retainer options). • Own utilization, margin, and delivery forecasting for your own engagement book. • Partner with Sales/SE/CS to attach and renew standard-framework services; support deal conversion where technical validation is needed. • Build and maintain AI-assisted playbooks for standard frameworks (gap assessment, control mapping, internal audit checklists). • Define structured input forms/checklists so juniors or AI-assisted workflows produce consistent first-draft output. • Set QA guardrails: mandatory source inputs, validation steps, human approval gates. • Establish acceptance criteria and review checkpoints for deliverables. • Flag scope creep early; escalate ambiguous liability questions rather than absorbing them silently.

Job Requirements

  • 5+ years in GRC/security consulting or in-house compliance program ownership.
  • Hands-on delivery track record across ISO 27001, SOC 2, and GDPR at minimum.
  • Comfortable running several concurrent client engagements.
  • Deep: ISO 27001, SOC 2 Type I/II, GDPR.
  • Working knowledge (nice to have): PCI DSS, HIPAA, ISO 42001 etc.
  • Demonstrated use of AI tools to reduce manual effort and standardize deliverables.
  • Able to translate domain expertise into reusable templates and guided systems.
  • Can own pricing/packaging, margin, and utilization for their own book without a manager doing it for them.
  • Strong written communication; confident running client workshops solo.
  • Good judgment in ambiguity, without scope creep.
  • Preferred: ISO 27001 LA/LI, CISA, or CISM.

Benefits

  • Work wherever you are: We are 100% remote, so you get to choose if you want to work from home, a cafe, the hills, or the beach.
  • Co-working, on the house: If co-working is your jam, we offer a generous annual allowance.
  • We care about your learning: We are invested in seeing you grow and commit USD 1,000 annually to help you level up your skills.
  • We count your spark, not your leaves: Unlimited leave so you can reset when you need to.
  • Your Safety Net, Woven In: Health insurance with coverage up to INR 10 lakh for you and your family, accident protection of an additional INR 10 lakh, and life insurance worth 3x your annual salary.
  • Workspace setup of your dreams: We chip in INR 35,000 to help you build a setup that works for you

Related Categories

Related Job Pages

More Compliance Jobs

Full TimeRemoteTeam 201-500H1B Sponsor

• Support the Senior Compliance Director to develop, administer and monitor the implementation of a CMS that ensures the Bank’s compliance with all laws and regulations applicable to its operations and product offerings. • Responsible for developing, implementing, and reporting on the monitoring and testing compliance program across the Core Bank and Fintech Partners, to provide oversight of compliance with federal, state, agency, and regulatory requirements. • Assists in developing and maintaining a comprehensive assessment of compliance risks throughout the Bank’s operations. • Develop and maintaining annual calendar of scheduled compliance testing and monitoring activities, informed by appropriate risk assessments. • Evaluate identified issues, including conducting a root cause analysis, and recommendations to improve policies, procedures, potential efficiencies, and controls. Complete validation for completed issues. • Develop clear and concise reporting of the results of compliance programs and communicate to Board, Management, Business Units and Partners. • Manage a team of Compliance professionals. Responsible for hiring, coaching and development. • Research, analyze, draw conclusions related to all federal and state rules and regulations and their applicability to Core Bank and Fintech Partners products, services, and systems. • Serve as an in-house subject matter expert to provide compliance advice and guidance to relevant Core bank staff and Fintech Partners, while addressing any compliance questions. • Assist with internal/external audit, and regulatory examinations requests. • Follow and comply with all regulatory and compliance regulations. • Provide internal service in accordance with Coastal Core Values. • Because we are a rapidly changing organization, there will be other duties as assigned.

United States
$146.2K - $195.2K / year
Urrly logo

Director of Compliance

Urrly

Empowering People and Property Management companies with future proof staffing solutions.

Compliance20 hours ago
Full TimeRemoteTeam 1-10H1B No Sponsor

Role Description Lead enterprise compliance for a fast-growing healthcare organization operating at the center of value-based care, population health, Medicare Advantage, Medicaid, risk adjustment, and home-based clinical operations. This is a senior compliance seat for someone who has worked inside a value-based care enabler or closely comparable model, not a broad hospital-only compliance role. The right candidate will understand how compliance actually works when clinical teams, nurse practitioners, payer requirements, risk adjustment documentation, multi-state Medicaid obligations, privacy, quality, audits, and executive governance all intersect. You will help build and run a compliance program that supports growth while protecting patients, providers, payers, and the business. What You Will Do - Lead and strengthen the enterprise compliance program across corporate and clinical compliance. - Maintain policies, standards, procedures, evidence, reporting, and governance aligned with OIG guidance and applicable federal and state healthcare requirements. - Conduct compliance risk assessments and help build annual compliance work plans. - Monitor regulatory changes and translate them into practical operating requirements. - Lead internal compliance investigations, root-cause analysis, corrective action plans, and follow-through. - Partner with Clinical Operations, Legal, HR, Information Security, Revenue Cycle, Quality, Credentialing, and Executive Leadership. - Support compliance with Medicare Advantage, Medicaid, CMS, telehealth, payer, and risk adjustment requirements. - Monitor clinical and provider compliance, including nurse practitioner scope of practice, collaboration agreements, supervision requirements, licensure, credentialing, privileging, and enrollment. - Support HIPAA Privacy and Security initiatives in partnership with Information Security. - Participate in CMS, Medicare Advantage, Medicaid, HIPAA, NCQA, URAC, payer, and related healthcare audits. - Develop compliance education and training for employees, providers, and leaders. - Build executive dashboards, compliance metrics, and Board-ready reporting. - Support M&A, integration, and expansion diligence from a compliance perspective when needed. Qualifications - Direct compliance experience in value-based care, population health, risk adjustment, Medicare Advantage, Medicaid, home-based care, or a comparable healthcare enablement environment. - 7+ years of progressively responsible healthcare compliance experience. - 3+ years in a compliance leadership role. - A progressive, explainable compliance career history with increasing scope, stable tenure, and current or recent work in a relevant healthcare environment. - Experience managing both corporate and clinical compliance programs. - Strong working knowledge of OIG Compliance Program Guidance, CMS requirements, Medicare Advantage, Medicaid, HIPAA, Fraud, Waste & Abuse, Stark Law, Anti-Kickback Statute, telehealth regulations, provider licensure, credentialing, and nurse practitioner scope-of-practice requirements. - Experience leading internal investigations, audits, regulatory inquiries, and corrective action plans. - Ability to translate complex regulatory requirements into practical operating processes. - Strong executive communication, judgment, documentation, and cross-functional leadership. - Comfort operating in a growing, multi-state healthcare organization where compliance needs to be both rigorous and practical. Nice To Have - Experience with organizations similar to value-based care enablement, home assessment, population health, or risk adjustment platforms. - Experience supporting Medicaid compliance across multiple states. - Certified in Healthcare Compliance (CHC), Certified Compliance & Ethics Professional (CCEP), JD, MHA, MPH, MBA, or another relevant advanced credential. - Experience with CMS, NCQA, URAC, Medicaid, Medicare Advantage, HIPAA, payer, or related healthcare audits. - Experience building compliance dashboards, Board reporting, Power BI reporting, or other executive-level metrics. - Experience with M&A diligence, integration, or rapid multi-state expansion. - Experience thinking through appropriate AI usage and safeguards in a regulated healthcare environment. Location This is a remote U.S. role with occasional travel as needed for leadership, audit, clinical, or integration work. Compensation The expected compensation range is $140,000 to $160,000 base salary, plus a bonus tied to successful audits and compliance outcomes. Interview Process Qualified candidates will complete a video interview with Urrly focused on value-based care compliance depth, Medicare Advantage and Medicaid exposure, clinical/provider compliance, investigations, audit readiness, governance, executive communication, and compensation/logistics alignment. Strong candidates may then be introduced to the client team for additional conversations. Apply Apply now and get a response within 24 hours.

United States
$140K - $160K / year
Gemini logo

Head of Compliance

Gemini

Gemini is a next generation cryptocurrency platform that allows customers to buy, sell, store and earn crypto.

Compliance20 hours ago
Full TimeRemoteTeam 501-1,000Since 2014H1B Sponsor

• Provide compliance advisory and support to the broker-dealer business and oversee the development of the broker-dealer compliance program • Oversee the FCM compliance program, including the firm's risk management program and annual CCO report • Oversee daily customer segregation computations and related financial and regulatory filings across both the broker-dealer and FCM • Supervise trade and market surveillance across the firm's securities and derivatives products • Serve as the primary point of contact for FINRA, NFA, SEC, and CFTC exams and inquiries • Maintain the firm's AML program covering both broker-dealer and FCM activities • Draft, maintain, and implement Written Supervisory Procedures and other internal policies and procedures • Collaborate cross-functionally with technology, product, and legal teams on trading system operations to ensure compliance with regulation and regulatory expectations • Advise on core compliance matters including registrations, employee trading, outside business activities, and continuing education requirements • Review and approve advertising, marketing, and sales materials

California + 2 moreAll locations: California | New York | Washington
$150.5K - $279.5K / year
Affirm logo

Manager, Privacy Compliance

Affirm

We create honest financial products that improve lives.

Compliance21 hours ago
Full TimeRemoteTeam 1,001-5,000Since 2012H1B Sponsor

• Support oversight of the existing Privacy compliance program across jurisdictions, with primary focus on U.S. requirements and alignment to global privacy obligations, where required suggest improvements. • Translate Legal guidance and regulatory requirements into policies, standards, and control expectations, ensuring clear articulation of compliance requirements for first-line teams. • Provide oversight and maintain existing governance frameworks and standards for core privacy program areas, including: • Data subject rights (DSAR) processes and SLAs • Data protection impact assessment (DPIA) governance and documentation standards • Consent and preference management expectations • Data retention and deletion requirements • Partner with Product and Engineering to advise on and review the design and implementation of privacy controls, ensuring alignment to regulatory expectations while maintaining second-line independence. • Provide independent oversight and effective challenge of first-line privacy control environments, including review of control design, identification of gaps, and tracking of remediation actions. • Oversee privacy incident and breach response processes from a governance perspective, including review of escalation, documentation, and outcomes, in coordination with Legal on notification requirements. • Maintain privacy risk registers and support risk assessment processes, including DPIA oversight, issue identification, and remediation tracking. • Monitor adherence to privacy requirements and control expectations, including data subject rights processes, consent management, and regulatory obligations, and escalate issues where gaps are identified. • Support audits, regulatory examinations, and bank partner reviews by coordinating second-line input, reviewing materials, and tracking remediation actions. • Produce and contribute to privacy monitoring and governance reporting, including metrics and risk summaries for management and risk committees (e.g., RMC, CRMC). • Partner with third-party risk functions to provide second-line oversight of privacy considerations in vendor and merchant onboarding and monitoring processes. • Collaborate with international compliance and DPO functions to support consistent application of privacy governance frameworks, without assuming DPO accountability. • Support privacy training and awareness by defining requirements and reviewing program effectiveness in coordination with first-line execution teams.

California + 4 moreAll locations: California | Connecticut | New Jersey | New York | Washington
$165K - $225K / year