SimScale makes high-fidelity engineering simulation truly accessible. From anywhere. At any scale. In the cloud.
Principal Governance, Risk and Compliance (GRC) Architect
Location
Worldwide
Posted
4 days ago
Salary
0
Seniority
Lead
Job Description
Principal Governance, Risk and Compliance (GRC) Architect
SimScale
• Maintain Continuous Observation: Uphold our SOC 2 Type II standard using automated monitoring to ensure compliance is a constant state, not an annual event. • Technical Infrastructure Strategy: Directly satisfy the high-bar technical requirements of ITAR and FedRAMP. • Bridge the "Speed vs. Standard" Gap: Act as a technical enabler for the Engineering team, designing and implementing controls (e.g., change management, access reviews) that satisfy auditors but don’t bottleneck our Engineering or DevOps teams. • Lead Global Expansion: Architect and execute the technical and procedural implementation of TISAX, ITAR, and FedRAMP. • GDPR Stewardship: Act as the internal authority on privacy, ensuring our data mapping and PIAs remain current without adding unnecessary friction. • Customer Trust & Sales Support: Join calls with customer Infosec counterparts and handle technical vendor questionnaires to prove our security posture can be trusted by the world’s most demanding organizations. • Individual Contributor Ownership: Act as a "department of one". You will write the policies, perform the risk assessments, and manage the audits yourself.
Job Requirements
- Technical AWS Depth: You understand how to configure AWS beyond simple evidence collection.
- Standard Mastery: Expert-level knowledge in at least two of: TISAX, ITAR, or FedRAMP.
- Privacy & AI Knowledge: A deep, working knowledge of GDPR and an active interest in the evolving landscape of AI regulation.
- The "Translator" Skillset: You can translate rigid regulatory requirements into actionable technical tasks that make sense to a developer.
- Independence: You are energized by "getting your hands dirty" and owning the full lifecycle of a program without a team to delegate to.
- Communication: Exceptional English skills; able to negotiate effectively with both internal engineers and external auditors.
Benefits
- Enjoy flexible hours and the freedom to work remotely from anywhere in the world.
- Access comprehensive health coverage, retirement plans, paid time off, and wellness support.
- Stay active with subsidized gym memberships, sports meetups, and wellness programs.
- Grow as a professional with online/offline learning, language courses, and tech talks.
- Connect at team events, join support groups, and contribute to our ESG and DE&I initiatives.
- Participate in fun team challenges and competitions for added excitement and team spirit.
- Multicultural team (35+ nationalities), flexible work, relocation and visa support where applicable.
Related Guides
Related Categories
Related Job Pages
More Compliance Jobs
• Support the Alaska AOA PEIS process, including internal, regional, and cross-agency coordination. • Assist with the review and preparation of NEPA and PEIS documents, analyses, comments, and supporting materials. • Coordinate with NOAA divisions, Cooperating Agencies, the Office of Aquaculture, General Counsel, the Alaska Fisheries Science Center, and other federal partners. • Provide technical assistance and review support for aquaculture-related ESA Section 7 and EFH consultations. • Compile, synthesize, analyze, and manage scientific and environmental data supporting the AOA PEIS and Alaska Aquaculture Explorer webtool. • Conduct technical research and compile aquaculture information, scientific literature citations, webinars, presentations, and other resources. • Support aquaculture projects where the Alaska Regional Office serves as the lead federal agency, including working groups, environmental reviews, NEPA activities, and permitting coordination. • Schedule meetings, prepare agendas, take notes, maintain Google Docs files, and track action items and project deliverables. • Support the Alaska Interagency Working Group and Cooperating Agencies through meeting coordination, documentation, and facilitation assistance. • Assist with public comment periods, webinars, FAQs, outreach materials, and internal and external AOA process messaging. • Support government-led tribal consultation and engagement activities with Alaska tribal governments and corporations. • Participate in meetings with federal and state agencies, applicants, permittees, industry groups, special interest groups, tribal representatives, and researchers. • Assist with reviewing other aquaculture-related NEPA documents and proposed aquaculture activities and provide technical comments as requested. • Prepare draft responses to aquaculture-related inquiries for government review and approval. • Attend and/or present aquaculture information at local and regional coordination meetings, staff meetings, and workshops.
Environmental Compliance Analyst
Univar SolutionsUnivar Solutions is a leading chemical and ingredient distributor. The company also provides a variety of services to its customers, including telemetry service
Title: Environmental Compliance Analyst Location: Dublin, OH, US, 43016 Workplace: Environmental Compliance Analyst Department: Sales Job Description: Requisition ID: 35427 A Place Where People Matter. Start your career journey with Univar Solutions! Here you can make an impact on the world around you and accelerate your career in areas that energize and excite you. Primary Purpose The Environmental Compliance Analyst plays a critical role in ensuring the safe, compliant, and efficient management of customer waste materials within the chemical waste disposal line of business. This position requires knowledge of hazardous waste identification, profiling, and regulatory compliance. The ideal candidate brings experience in the waste industry and/or laboratory chemistry, with the ability to interpret chemical compositions, Safety Data Sheets (SDS), and analytical testing results to accurately classify and manage waste streams. This role assists in ensuring regulatory compliance and strengthening relationships with customers and vendors. What You’ll Do: - Waste Profiling Assistance: Contribute to the profiling process by collecting required information and preparing materials for review, helping maintain compliance with EPA, RCRA, DOT, and state regulations. - Regulatory Compliance: Assign accurate RCRA waste codes, DOT classifications, state specific codes, Form and Source codes, and other regulatory requirements for all waste streams with some guidance. - Leverage Technical Experience: Conduct reviews of Safety Data Sheets (SDS), analytical data, and chemical compositions to support regulatory compliance, including proper handling, storage, and disposal practices. - Support Vendor Relationships: Review vendor profiles to ensure compliance, resolve discrepancies with some guidance, and drive timely approvals. - Provide Technical Support and Guidance: Offer regulatory guidance to the sales teams, customers, and internal branches on waste characterization, regulatory requirements, and disposal options. Foster relationships with sales teams and customers to enhance the profiling experience to drive compliance. - Data Integrity: Maintain accurate waste stream data in profiling portals, vendor forms, and vendor systems to ensure compliance and integrity. - Optimize TSDF Selection: Analyze supply plans, vendor capabilities, and geographic considerations to select appropriate treatment, storage, and disposal facilities (TSDFs) with some guidance. - Monitor Cost and Margin: Validate technical approvals, review technology changes, and confirm disposal facility costs to obtain gross margin targets. - Strive for Continuous Improvement: Monitor regulatory changes and industry best practices to strengthen compliance processes. Support annual RCRA and DOT refresher training as required. What You’ll Need: - Bachelor’s degree in Environmental Science, Chemistry, Biology, or related field preferred. - Minimum of 2+ years of experience in hazardous waste management or a related technical role. - Strong understanding of RCRA, DOT, and state-specific regulations - Experience in hazardous waste identification and accurate application of regulatory codes. - Experience in interpreting SDS and evaluating chemical analyses for waste profiling. - Strong attention to detail and organizational skills. - Strong communication skills for effective interaction with internal and external stakeholders. - Competence in data entry and compliance documentation systems. - Ability to thrive in a fast-paced environment and adapt priorities to meet business objectives. Where You will Work: - This is a hybrid-based role that will report out of our Dublin, OH location Pay & Benefits: - The specific salary offered to a candidate may be influenced by a variety of factors including the candidate’s relevant experience, education, training, certifications, qualifications, and work location - Available employee benefits include health, vision, dental coverage, along with industry-leading retirement and time off programs What You Can Expect: - Strong work/life flexibility - To be surrounded by an inclusive team who is collaborative and committed to the achievement of the company - To be rewarded for your contributions with a targeted annual company bonus (if applicable to your role) and annual salary reviews - Competitive pay and benefits Univar Solutions is a leading, global distributor of chemicals and ingredients essential to the safety, health, and wellbeing of our daily lives from life-saving medicines and vitamins to hand sanitizers and industrial materials used for cleaning, construction, and more. Our global team of more than 9,500 employees support our vision to redefine distribution and be the most valued chemical and ingredient distributor on the planet! We offer a Total Rewards package that includes market aligned pay and incentives as well as a diverse benefits offering to support our employees’ physical, emotional, and financial wellbeing. Univar Solutions supports sustainable solutions for the world around us so that we can do our part to help keep our communities healthy, fed, clean, and safe! We are committed to a diverse workforce and a culture of inclusion. Together, we are building a culture that acknowledges the unique experiences, perspectives and expertise of individuals and provides the development and growth opportunities to empower us to redefine our industry. Univar Solutions is an equal opportunity employer. All qualified applicants will receive consideration for employment and will not be discriminated against based on their race, gender, sexual orientation, gender identity, religion, national origin, age, disability, veteran status, or other protected classification. We are committed to working with and providing reasonable accommodations to individuals with disabilities. Univar Solutions does not accept unsolicited resumes from recruiters, employment agencies, or staffing firms (collectively Recruiting Firms). Recruiting Firms must enter into a Master Services Agreement (MSA) with Univar Solutions prior to submitting any information relating to a potential candidate. All searches must be initiated by Univar Solutions' Talent Acquisition team and candidates must be submitted via Applicant Tracking System (ATS) by approved vendors who have been expressly requested to make a submission for a specific job opening. No placement fees will be paid to any firm unless the aforementioned conditions have been met. Contacting our hiring managers directly is prohibited. #LI-JM1
Principal Governance, Risk and Compliance (GRC) Architect
SimScale GmbHSimScale - revolutionising the way engineers design and validate their products.
Role Description We are looking for a Principal GRC Architect who can solve a unique challenge: How do we maintain "gold-standard" security certifications without killing our "ship-fast" culture? We are already under continuous observation for SOC 2 Type II and are GDPR compliant. We are now ready to evolve toward the most rigorous standards in the industry: TISAX, ITAR, and FedRAMP. This is a hands-on, individual contributor role. You will be the architect of the system and the person turning the gears, designing the roadmap and then personally implementing the controls. Your mission is to reconcile the rigidity of international standards with the agility of a fast-paced software company. You aren't here to create bureaucracy; you’re here to engineer compliance directly into our AWS infrastructure. Core Responsibilities - Maintain Continuous Observation: Uphold our SOC 2 Type II standard using automated monitoring to ensure compliance is a constant state, not an annual event. - Technical Infrastructure Strategy: Directly satisfy the high-bar technical requirements of ITAR and FedRAMP. This includes managing the transition to/oversight of AWS GovCloud, defining network security boundaries, and ensuring encryption and IAM standards meet federal requirements. - Bridge the "Speed vs. Standard" Gap: Act as a technical enabler for the Engineering team, designing and implementing controls (e.g., change management, access reviews) that satisfy auditors but don’t bottleneck our Engineering or DevOps teams. - Lead Global Expansion: Architect and execute the technical and procedural implementation of TISAX, ITAR, and FedRAMP. - GDPR Stewardship: Act as the internal authority on privacy, ensuring our data mapping and PIAs remain current without adding unnecessary friction. - Customer Trust & Sales Support: Join calls with customer Infosec counterparts and handle technical vendor questionnaires to prove our security posture can be trusted by the world’s most demanding organizations. - Individual Contributor Ownership: Act as a "department of one". You will write the policies, perform the risk assessments, and manage the audits yourself. Qualifications - Technical AWS Depth: You understand how to configure AWS beyond simple evidence collection. You are familiar with GovCloud, VPC isolation, network security, and IAM architecture. - Standard Mastery: Expert-level knowledge in at least two of: TISAX, ITAR, or FedRAMP. You have previously led a company through these audits or were responsible for maintaining their compliance. - Privacy & AI Knowledge: A deep, working knowledge of GDPR and an active interest in the evolving landscape of AI regulation. - The "Translator" Skillset: You can translate rigid regulatory requirements into actionable technical tasks that make sense to a developer. - Independence: You are energized by "getting your hands dirty" and owning the full lifecycle of a program without a team to delegate to. - Communication: Exceptional English skills; able to negotiate effectively with both internal engineers and external auditors. Benefits - A direct seat at the table: full ownership of the compliance and GRC roadmap. - Your work directly enables our largest enterprise and government deals: measurable, visible business impact. - Enjoy flexible hours and the freedom to work remotely from anywhere in the world. - Access comprehensive health coverage, retirement plans, paid time off, and wellness support. - Stay active with subsidized gym memberships, sports meetups, and wellness programs. - Grow as a professional with online/offline learning, language courses, and tech talks. - Connect at team events, join support groups, and contribute to our ESG and DE&I initiatives. - Participate in fun team challenges and competitions for added excitement and team spirit. - Multicultural team (35+ nationalities), flexible work, relocation and visa support where applicable. Company Description SimScale - revolutionising the way engineers design and validate their products.
• Assisting in the management of the lifecycle of controlled documents in Qualio (our QMS system), driving authors to meet review and approval deadlines. • Support standard operational procedures, work instructions, medical device technical documents and template drafting. • Assign training and track completion for document updates. • Help organise internal quality records, logs and dashboards. • Support with internal and external audits against ISO 13485 and ISO/IEC 27001 standards. • Support Corrective and Preventative Actions (CAPAs), Non-Conformances (NC), change controls and follow up actions, including timely and structured root cause analysis (e.g. 5 whys, fishbone) and tracking effectiveness. • Drive audit readiness by maintaining organised evidence logs aligned to ISO 13485 and ISO 27001 requirements and contributing to ongoing quality assurance activities. • Coordinate the collection of Post-Market Surveillance (PMS) inputs. • Support risk register updates and Design History Files. • Contribute to Management Review quality reporting. • Support with Supplier Onboarding, Supplier Evaluation Reports and ongoing supplier monitoring. • Conduct quality checks on our medical device components and logistics providers, escalating non conformances independently.


