Director, GRC, Privacy, Trust

Summary

Join 1Password's Security Team as a Security Leader to grow and mature the Governance, Risk, Compliance (GRC), Privacy, & Trust function. Lead and expand a high-performing team, focusing on audit and compliance, risk management, security governance, privacy engineering, and customer trust. Partner with other leaders across security and the company to drive security outcomes. This remote opportunity (Canada/US) requires 8+ years leading GRC and privacy programs, including experience with international audits and various compliance frameworks (SOC 2 Type II, ISO 27001, etc.). You will report directly to the VP, Security/CISO. The role involves developing and maintaining information security and privacy policies, overseeing certification processes, and managing third-party risk. Successful candidates will demonstrate exceptional communication skills and experience leading company-wide compliance initiatives.

Requirements

• Experience: 8+ years leading GRC and privacy programs, including experience with international audits, risk management frameworks, and privacy regulations
• 5+ years experience managing individual contributors as well as experience managing other managers
• Proven expertise in policy development, risk assessment, compliance monitoring, and privacy program management
• Passion for fostering psychological safety and stability in complex compliance environments
• Hands-on experience with various information security and privacy compliance frameworks such as SOC 2 Type II, ISO 27001, FedRAMP, CMMC, GDPR, and CPRA
• Experience with security and privacy automation tools for compliance monitoring and knowledge management
• Experience leading company-wide compliance initiatives, securing buy-in for security and privacy policies, and leading cross functional programs
• Experience partnering on customer contracts, including security addendums and compliance terms, balancing customer expectations and business needs
• Exceptional written and verbal communication skills with ability to communicate effectively with executives, legal counsel, and stakeholders
• Experience managing third-party risk, vendor assessments, and external auditors

Responsibilities

• Lead and mentor the GRC and Privacy Engineering team, fostering career growth and high performance
• Drive the organization's risk management strategy and oversee the implementation of risk assessment frameworks
• Develop and maintain information security and privacy policies, ensuring regular reviews and updates
• Establish strong partnerships across departments to align on security and compliance initiatives
• Engaging with customers, in partnership with Sales and Legal, to represent security in RFPs, due diligence, and security assessments
• Oversee 1Password’s various information security and privacy certification processes ensuring compliance with relevant frameworks and regulations
• Monitor and report on compliance metrics and program effectiveness
• Partner with legal and security teams to assess and mitigate business, technical, and regulatory risks
• Oversee relationships with external auditors and consultants

Benefits

• Impactful Work: Play a pivotal role in growing 1Password's governance, risk, compliance, and privacy programs
• Innovative Culture: Join a team that values creativity, innovation, and an entrepreneurial spirit
• Career Growth: Access ample opportunities for professional development and leadership growth in a rapidly expanding sector
• USA-based roles only: The Annual base salary for this role is between $258,000 USD and $350,000 USD, plus immediate participation in 1Password's benefits program (health, dental, 401k and many others), utilization of our generous paid time off, an equity grant and, where applicable, participation in our incentive programs
• Canada-based roles only: The Annual base salary for this role is between $242,000 CAD and $328,000 CAD, plus immediate participation in 1Password’s generous benefits program (health, dental, RRSP and many others), utilization of our generous paid time off, an equity grant and, where applicable, participation in our incentive programs
• ���� Maternity and parental leave top-up programs
• ���� Generous PTO policy
• ���� Four company-wide wellness days
• ���� Company equity for all full-time employees
• ���� Retirement matching program
• ���� Free 1Password account
• ���� Paid volunteer days
• ���� Employee-led inclusion and belonging programs and ERGs
• ���� Peer-to-peer recognition through Bonusly