Member of Technical Staff, Governance Risk Compliance

Member of Technical Staff, Governance Risk Compliance

Palo Alto, CA;
Washington, D.C.

xAI’s mission is to create AI systems that can accurately understand the universe and aid humanity in its pursuit of knowledge. Our team is small, highly motivated, and focused on engineering excellence. This organization is for individuals who appreciate challenging themselves and thrive on curiosity. We operate with a flat organizational structure. All employees are expected to be hands‑on and to contribute directly to the company’s mission.

Leadership is given to those who show initiative and consistently deliver excellence. Work ethic and strong prioritization skills are important. All engineers are expected to have strong communication skills. They should be able to concisely and accurately share knowledge with their teammates.

xAI is seeking an experienced and strategic Governance, Risk, and Compliance (GRC) Lead to design, implement, and oversee our GRC framework particularly as we expand into government and public sector applications of AI. This critical role will ensure that xAI operates within regulatory, ethical, operational, and federal boundaries while fostering a culture of integrity and resilience. You will collaborate with cross‑functional teams to safeguard our mission‑driven work in AI development and deployment, including support for sensitive and classified environments.

• Develop and maintain a robust governance framework to support xAI’s strategic objectives and ensure alignment with industry best practices, including federal and DoD standards.
• Establish policies, procedures, and controls to guide ethical AI development, data usage, corporate decision‑making, and security configurations.
• Partner with leadership, product, engineering, security, operations, people operations, and legal teams to integrate governance principles into product development, operational processes, and the implementation of new technical, administrative, and operational controls.
• Lead security compliance implementation and audits (e.g., ISO 27001/42001, SOC2, FedRAMP HIGH, DoD Cloud Computing SRG IL5/IL6, NIST 800‑53 rev 5, NIST 800‑171/CMMC, Risk Management Framework).
• Work with 3
  
  PAOs (Third‑Party Assessment Organizations) and federal government Authorizing Officials (AOs) to achieve compliance certifications, reports, and Authorized to Operate (ATO) status.
• Identify, assess, and prioritize risks related to AI operations, cybersecurity, regulatory compliance, intellectual property, and cloud deployments.
• Design and implement risk mitigation strategies, including monitoring systems, contingency plans, vulnerability scans, Plan of Action and Milestones (POAMs), and STIGs.
• Ensure the implementation, oversight, monitoring, and maintenance of security configurations, practices, and procedures throughout the project lifecycle.
• Serve as a liaison between system owners, security personnel, and cross‑functional teams to facilitate effective communication, collaboration, and control implementation.
• Lead Risk Management Assessment and Authorization (A&A) processes, cloud system risk assessments, compliance reviews for new products/changes/features, and process enhancements.
• Conduct regular risk assessments, scenario analyses, and proactive evaluations of emerging threats, certifications, requirements, and technologies in the AI landscape.
• Monitor regulatory developments and advise leadership on their impact on xAI’s operations and product roadmap.
• Oversee audits, certifications, third‑party assessments, and vulnerability management to maintain compliance and operational credibility.
• Act as a subject matter expert, providing guidance on risk, compliance, and cybersecurity matters; translate business and technical risks for leadership.
• Create and present regular reports on GRC performance, risks, and compliance status to senior leadership and stakeholders.

• Previous systems engineering experience strongly preferred
• Must have the ability to evaluate control objectives with IT configurations
• Bachelor’s degree in Computer Science, Information Security, Cybersecurity, or a related field
• Certifi…