
Governance Risk Compliance; GRC Manager

Job in Vienna, Fairfax County, Virginia, 22184, USA
Listing for: Antithesis Operations LLC
Full Time position
Listed on 2026-06-04
Job specializations:
  • IT/Tech
    Cybersecurity
Salary/Wage Range or Industry Benchmark: 80000 - 120000 USD Yearly
Job Description & How to Apply Below
Position: Governance Risk Compliance (GRC) Manager

About Antithesis

We provide a platform that helps engineering teams identify and resolve bugs that traditional testing approaches miss. Antithesis runs your entire system in a deterministic simulation, breaks it in every way imaginable, and hands you a root cause and a perfect reproduction — no flaky tests, no false positives, no "works on my machine". This allows engineering teams to debug faster and ship with greater confidence.

The rise of AI-generated code has made what we do more important than ever. Agents can write code faster than any human — but faster code isn't better code if it's buggy, stuck in review, or issues are slipping through the cracks undetected. The verification bottleneck is real and it's growing. This is exactly the problem Antithesis exists to solve. We've been quietly reinventing how the world thinks about software reliability, and we're just getting started.

We're well-funded, deeply technical, and building a platform that tackles one of the most complex yet important problems in modern software engineering. If that sounds like fun to you, keep reading.

About the Role

We are looking for our first dedicated GRC hire. This is a hands-on role with full ownership.

You will build and run our compliance program end-to-end — not as a support function, but as a core part of how we earn and keep customer trust. At a company like ours, where enterprise customers need to trust us with their most sensitive infrastructure, GRC is a sales function as much as it is an operational one.

A note on what we mean by "ownership." This is not a role where you maintain a checklist someone else built. You will own the GRC calendar, the Vanta instance, the policy library, the audit evidence, and the security questionnaire queue. If something in our compliance posture is broken, that's yours to fix. If a deal is stalling because a prospect has a 40-question security questionnaire, you're the one who unblocks it.

This is an individual contributor role. It is not a CISO, not a security engineering role, and not a penetration tester. You will not own security architecture or vulnerability management — but you will need strong enough relationships with the people who do to keep those programs feeding your compliance work on time.

This role will initially report to the VP, Strategic Initiatives within the Operations team, with a strong dotted line to the Head of Infrastructure. Within the first ~3-6 months, we will collaboratively identify the long-term reporting structure for this role. This role will work closely with Operations, Legal, People (HR), Engineering, and IT.

What You'll Own

SOC 2 & Audit Management
  • Own our SOC 2 audit end-to-end, including the transition from point-in-time to a rolling 12-month window
  • Serve as the primary liaison with our external auditors
  • Maintain the evidence repository and ensure controls are documented, tested, and current
  • Own and maintain Vanta as the system of record for our compliance program
Policy & Controls
  • Maintain and continuously improve our policy library — keeping policies accurate, readable, and actually followed
  • Run the GRC calendar: tabletop exercises, security committee meeting preparation, security awareness training, and annual reviews
  • Identify control gaps and drive remediation across Engineering, IT, HR, and Operations
Trust Center & Customer-Facing Compliance
  • Own and maintain our trust center
  • Manage the inbound security questionnaire queue for enterprise sales — turn these around quickly and accurately with a sales-forward mindset to accelerate deals
  • Be the go-to resource for enterprise prospects who need to understand our security and compliance posture
  • Support vendor security reviews on both sides: evaluating vendors we onboard and participating in customer-side reviews of us
Risk Management
  • Maintain the risk register and lead regular risk review cadences
  • Identify, document, and escalate risks across people, vendors, and infrastructure
Additional
  • Support penetration testing, vulnerability management, and security architecture — Engineering and Infra lead these, but you keep them on-track and ensure findings are tracked and remediated
  • Lay groundwork for future frameworks as…