Senior GRC Expert
Job in
Austin, Travis County, Texas, 78719, USA
Listed on 2026-06-01
Listing for:
Forcepoint
Full Time
position Listed on 2026-06-01
Job specializations:
-
IT/Tech
Cybersecurity, Information Security, Data Security, IT Consultant
Job Description & How to Apply Below
Forcepoint simplifies security for global businesses and governments. Forcepoint's all-in-one, truly cloud-native platform makes it easy to adopt Zero Trust and prevent the theft or loss of sensitive data and intellectual property no matter where people are working. 20+ years in business. 2.7k employees. 150 countries. 11k+ customers. 300+ patents. If our mission excites you, you're in the right place; we want you to bring your own energy to help us create a safer world.
All we're missing is you!
Job Title:
Senior GRC Expert (Information Security)
Position Type:
Individual Contributor
Reporting To:
Director, Governance, Risk, and Compliance (GRC)
Department:
Information Security
Location:
Austin, Texas (in office 2x a week)
Role Overview
The Senior GRC Expert is a key contributor within Forcepoint's GRC team. As part of the Information Security organization, this role is focused on ensuring alignment with compliance frameworks, regulatory requirements, industry standards, and internal security policies with a focus on enablement through scalable, automated, and audit-ready compliance operations. This role manages the team's compliance program through preparation and leading security audits, developing and maintaining control design and automation, and partnering with cross-functional teams to sustain a strong security and governance and compliance posture in a cloud-based product environment.
The ideal candidate brings strong technical and analytical skills, hands-on cloud security experience (preferably AWS), and a proven track record of successfully preparing for and managing audits (e.g., ISO and SOC2, Type
2). This role requires the ability to clearly communicate security requirements across technical and non-technical teams and to drive compliance through collaboration and influence.
Key Responsibilities
Governance & Compliance
* Serve as the subject matter expert for information security compliance programs to support existing and new certifications, attestations, and self-assessment requests.
* Plan and manage internal and external audits for ISO (27001, 27017, 27018, 27701), SOC 2.
* Design, implement, and maintain security controls mapped to corporate policies and control frameworks (ISO, SOC 2, CIS, NIST 800-53, NIST CSF, ITGC, etc.).
* Own daily administration of the GRC compliance platform, including control monitoring, evidence management, and audit workflows.
* Partner with cross-functional teams to ensure controls are operating effectively and evidence is collected consistently.
* Track, report, and present compliance metrics and Key Risk Indicators (KRIs) to leadership.
* Conduct annual reviews and updates of information security policies, standards, and procedures.
* Support compliance with security-related awareness and training programs focused on onboarding, annual training, and policy acknowledgments.
* Respond to customer security questionnaires and documentation requests.
Risk Management
* Support compliance-related risk assessments, policy exception requests, and remediation planning.
* Coordinate with security and business teams to close compliance gaps and improve the company security posture.
* Provide support for business continuity and disaster recovery (BC/DR) governance and compliance activities.
Success Measures
* Establish strong, trusted partnerships with internal stakeholders across business and technical teams. Educate and assist stakeholders responsible for supporting compliance controls so support engagement and alignment.
* Improved efficiency and maturity of GRC processes through automation and tooling.
* Successful, timely completion of audits and certifications.
* Measurable progress in GRC program maturity and transformation initiatives.
* Flexibility to support occasional off-hours work during audits or critical business needs.
Qualifications & Experience
* Bachelor's degree preferred, or equivalent education and experience.
* 5+ years of experience in information security or GRC; 3+ years in a cloud product environment preferred (ideally AWS).
* Demonstrated experience leading ISO and SOC 2 audits.
* Strong knowledge of security frameworks and controls (e.g., ISO 27001, SOC 2, CIS, NIST 800-53) and the ability to support additional compliance framework requests.
* Ability to communicate security requirements clearly across all levels of the organization.
* Experience defining, reporting, and presenting risk metrics and KRIs.
* Industry certifications (e.g., CISSP, CISM, GIAC) are a plus.
* Collaborative, detail-oriented, and comfortable driving change through influence.
Forcepoint is committed to fair and equitable compensation practices. The salary range and variable compensation for this role is - and represents the low and high end of compensation for this position. Actual salaries are determined by various factors including, but not limited to, location, experience, and performance. The range listed is just one component of Forcepoint's total compensation package for…
Position Requirements
10+ Years
work experience
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
Search for further Jobs Here:
×