Senior Governance, Risk, and Compliance (GRC) Specialist

About Glia

Glia is the #1 Banking AI platform, empowering community and regional financial institutions to create efficiencies, accelerate loan growth, drive deposits, and deliver experiences that win against megabanks and fintechs.

Glia's Banking AI Operating System is a central intelligence layer on top of existing tech stacks, activating an AI workforce of specialized agents that draw from banking data, interaction history, and integrated systems of record. These banking-trained agents automate workflows across voice and digital–from front office to back office–resulting in decreased operational costs and the Universal Banker model.

Trusted by 700+ banks and credit unions for its ironclad security and reliability, Glia delivers the industry’s first contractual no-hallucination guarantee. It’s why Glia customers quickly and confidently put Banking AI to work with measurable results from day one. More information about Glia can be found at glia.com.

We’re looking for a Senior GRC Specialist to play a critical role in maintaining, enhancing, and scaling our control environment. This position is key to strengthening our security compliance posture, increasing customer trust, and enabling company growth.

You will operate as a senior member of the Information Security & Compliance team, owning compliance initiatives end-to-end, leading audits, and acting as a trusted partner to both internal teams and external stakeholders.

• Own and lead compliance programs and audit processes (SOC 2, PCI DSS, GDPR, HIPAA/HITECH) from planning through successful completion.

• Drive evidence collection, documentation, and audit readiness, ensuring high-quality and timely delivery.

• Act as a primary point of contact for external auditors, customers, and prospects on security and compliance matters.

• Lead security discussions with enterprise customers, including deep-dive reviews and security questionnaires.

• Oversee internal and external assessments across systems, services, and teams.

• Own and evolve the Third-Party Risk Management program, managing and monitoring the security compliance of vendors and partners.

• Maintain, enhance, and scale security controls and compliance processes across the organization.

• Partner with engineering and product teams to translate compliance requirements into practical implementations.

• Track and drive remediation efforts, ensuring accountability and timely resolution.

• Produce and present audit and compliance reports to internal stakeholders and leadership.

• Act as a strategic advisor by promoting security awareness and staying ahead of evolving regulatory and compliance trends.
  

• 6+ years of experience in Information Security, Governance Risk & Compliance (GRC), Audit, or Risk Management.

• Strong hands-on experience with frameworks such as SOC 2, PCI DSS, GDPR, HIPAA/HITECH.

• Proven experience owning and leading audits and compliance initiatives.

• Experience working with cloud-based and distributed systems (preferably AWS).

• Strong project and stakeholder management skills, with the ability to manage multiple concurrent initiatives.

• Strong analytical and problem-solving skills, with a solution-oriented mindset.

• Ability to translate complex security and compliance concepts into clear documentation and business-friendly language.

• Strong communication skills with experience engaging both technical teams and external stakeholders.

• High level of curiosity, adaptability, and proactive ownership in navigating evolving security challenges.

• Excellent written and spoken English.

• Experience with ISO/IEC 27001 and ISO/IEC 42001.

• Relevant certifications such as CISA, CISM, CRISC, CISSP, ISO/IEC 27001 Lead Auditor, ISO/IEC 42001 Lead Auditor.

Glia is an equal-opportunity employer. Glia does not discriminate against any employee or applicant because of race, creed, color, religion, gender, sexual orientation, gender identity/expression, national origin, disability, age, genetic information, veteran status, marital status, pregnancy or related condition (including breastfeeding), or any other basis protected by law.

The Glia Talent Acquisition team uses @glia.com and @gliatalent.com email addresses for coordinating interviews, providing updates, and sending documents.

Our hiring process involves an introduction, practical and team interviews, and a decision and offer. For more information, visit our Recruitment Privacy Notice page or contact our talent team via [email protected]