# Director of Governance, Risk & Compliance

**Company**: Scale
**Location**: San Francisco, CA
**Work arrangement**: onsite
**Experience**: senior
**Job type**: full-time
**Salary**: $302,400-$378,000 USD
**Category**: Legal
**Industry**: Technology

**Apply**: https://job-boards.greenhouse.io/scaleai/jobs/4654775005
**Canonical**: https://yubhub.co/jobs/job_b01f1451-476

## Description

We are seeking a highly experienced Director of Governance, Risk, and Compliance to build and lead our centralized GRC function. The ideal candidate will have a deep understanding of corporate regulatory compliance and risk management, attention to detail, strong leadership and relationship-building skills, and experience building successful compliance programs at high-growth companies.

You will lead the GRC function at Scale, including compliance governance, compliance advisory, risk management, and regulatory compliance. You will manage and develop a team of compliance professionals spanning governance, assurance, and GRC engineering to build scalable systems and processes.

Key responsibilities include:

- Owning and maturing Scale's Enterprise Risk Management (ERM) program, including risk identification, assessment, mitigation, and reporting.

- Partnering with Legal, Security, Product, Engineering, and Operations, among other teams, to help guide Scale's growth in a highly scrutinized space.

- Owning or contributing to Scale's AI governance strategy, including monitoring and operationalizing emerging AI regulations (EU AI Act, NIST AI RMF, state AI laws).

- Helping set and drive vision for how GRC can not only help protect Scale, but serve as a differentiator and competitive advantage.

- Representing the team with internal and external stakeholders (partners, regulators, etc.).

Ideally, you'd have:

- 10+ years of progressive experience in GRC, compliance, or related legal/regulatory roles, with demonstrated success building or scaling compliance programs.

- Demonstrated success in building and leading high-quality compliance programs and teams.

- Experience designing and operating an Enterprise Risk Management program.

- Deep knowledge of applicable regulatory frameworks, including SOC 2, ISO 27001, FedRAMP, GDPR, and CPRA.

- Experience with U.S. Government contract compliance requirements (FAR, DFARS, NIST 800-171, CMMC).

- Proven track record of designing and maturing governance and internal control environments to support IPO readiness.

- Excellent communicator with the ability to break down complex requirements into easy-to-understand and practical systems.

- Thrive in fast-paced, high-growth environments with ambiguity and competing priorities.

- Love collaborating with talented professionals across many disciplines: product, design, security, engineering, marketing, and more.

Nice to haves:

- Experience with AI governance frameworks and emerging AI regulatory requirements.

- Experience building a compliance team that helped take a company public.

- Deep knowledge of DoD-specific compliance requirements and security frameworks.

## Skills

### Required
- Governance, Risk, and Compliance
- Compliance Governance
- Compliance Advisory
- Risk Management
- Regulatory Compliance
- Enterprise Risk Management
- AI Governance
- U.S. Government Contract Compliance
- IPO Readiness

### Nice to have
- AI Governance Frameworks
- Emerging AI Regulatory Requirements
- DoD-Specific Compliance Requirements
- Security Frameworks
