Senior Governance, Risk, and Compliance (GRC) Specialist

About Glia

Glia is the leading AI customer service solution for banks and credit unions. Our platform unifies AI and human agents across every voice and digital conversation through our proprietary ChannelLess® Architecture. With AI for All™, organizations overcome the tradeoff between efficiency and experience by using AI to automate conversations and elevate service operations.

Valued at over $1 billion and named a Deloitte Technology Fast 500™ company for five consecutive years, Glia powers over 700 financial institutions and maintains an industry-leading 72 NPS. We're also certified as a Great Place to Work, with 98% employee satisfaction.

We’re looking for a Senior GRC Specialist to play a critical role in maintaining, enhancing, and scaling our control environment. This position is key to strengthening our security compliance posture, increasing customer trust, and enabling company growth.

You will operate as a senior member of the Information Security & Compliance team, owning compliance initiatives end-to-end, leading audits, and acting as a trusted partner to both internal teams and external stakeholders.

• Own and lead compliance programs and audit processes (SOC 2, PCI DSS, GDPR, HIPAA/HITECH) from planning through successful completion.

• Drive evidence collection, documentation, and audit readiness, ensuring high-quality and timely delivery.

• Act as a primary point of contact for external auditors, customers, and prospects on security and compliance matters.

• Lead security discussions with enterprise customers, including deep-dive reviews and security questionnaires.

• Oversee internal and external assessments across systems, services, and teams.

• Own and evolve the Third-Party Risk Management program, managing and monitoring the security compliance of vendors and partners.

• Maintain, enhance, and scale security controls and compliance processes across the organization.

• Partner with engineering and product teams to translate compliance requirements into practical implementations.

• Track and drive remediation efforts, ensuring accountability and timely resolution.

• Produce and present audit and compliance reports to internal stakeholders and leadership.

• Act as a strategic advisor by promoting security awareness and staying ahead of evolving regulatory and compliance trends.
  

• 6+ years of experience in Information Security, Governance Risk & Compliance (GRC), Audit, or Risk Management.

• Strong hands-on experience with frameworks such as SOC 2, PCI DSS, GDPR, HIPAA/HITECH.

• Proven experience owning and leading audits and compliance initiatives.

• Experience working with cloud-based and distributed systems (preferably AWS).

• Strong project and stakeholder management skills, with the ability to manage multiple concurrent initiatives.

• Strong analytical and problem-solving skills, with a solution-oriented mindset.

• Ability to translate complex security and compliance concepts into clear documentation and business-friendly language.

• Strong communication skills with experience engaging both technical teams and external stakeholders.

• High level of curiosity, adaptability, and proactive ownership in navigating evolving security challenges.

• Excellent written and spoken English.

• Experience with ISO/IEC 27001 and ISO/IEC 42001.

• Relevant certifications such as CISA, CISM, CRISC, CISSP, ISO/IEC 27001 Lead Auditor, ISO/IEC 42001 Lead Auditor.
  

• A fast-growing, high-impact environment where you can drive meaningful improvements in security and compliance.

• High level of ownership, autonomy, and influence.

• Collaborative and mission-driven culture.

• Team events, offsites, and travel opportunities.

• Free gym membership (with a fun commitment to use it!).

• Diverse international team (18+ languages, 11+ nationalities).

• Competitive salary and benefits.

Glia is an equal-opportunity employer. Glia does not discriminate against any employee or applicant because of race, creed, color, religion, gender, sexual orientation, gender identity/expression, national origin, disability, age, genetic information, veteran status, marital status, pregnancy or related condition (including breastfeeding), or any other basis protected by law.

The Glia Talent Acquisition team uses @glia.com and @gliatalent.com email addresses for coordinating interviews, providing updates, and sending documents.

Our hiring process involves an introduction, practical and team interviews, and a decision and offer. For more information, visit our Recruitment Privacy Notice page or contact our talent team via [email protected]