Director of Governance, Risk and Compliance (GRC) - Leading Cloud Technology Marketplace

Join Pax8, the Leading Cloud-Based Technology Marketplace, as a Director of Governance, Risk and Compliance (GRC) Pax8 is revolutionizing the way businesses navigate the cloud technology landscape. As a fast-growing, dynamic startup, we're committed to simplifying the cloud journey for our partners by integrating technology, business intelligence, and proactive service. Our mission is to be the world's favorite place to buy cloud products, and we're looking for a seasoned Director of Governance, Risk and Compliance (GRC) to drive our GRC program forward. About Pax8: Culture, Values, and Mission At Pax8, culture is not just a buzzword - it's the backbone of our organization. We Elev8 each other, Advoc8 for our partners, Innov8 continuously, and Celebr8 life. We believe in fostering an environment that encourages diversity, inclusivity, and creativity. Our people are passionate, driven, and humorously offbeat, making Pax8 a place you can truly call home. As a remote-friendly company, we understand that our team members are located across the globe. We embrace hybrid- and remote-work arrangements, ensuring that everyone is part of the Pax8 team, regardless of their location. Position Summary: Director of Governance, Risk and Compliance (GRC) The Director of Governance, Risk and Compliance (GRC) will be responsible for developing, implementing, and managing Pax8's GRC program. This includes overseeing all aspects of risk management, compliance, and organizational resilience. The ideal candidate will have a deep understanding of GRC best practices and a proven track record of success in implementing and managing GRC programs in complex organizations. Essential Responsibilities: Develop and implement a comprehensive GRC program that aligns with Pax8's overall business goals and risk tolerance. Oversee the annual risk assessment process and develop and implement risk treatment plans. Manage the company's resilience program, including business continuity, disaster recovery, and incident response. Develop and manage security policies and standards. Ensure appropriate controls are implemented throughout the environment to comply with security policies and standards. Audit corporate processes for compliance to policies and standards. Support external audit engagements for ISO, SOC 2, and other standards. Respond to inbound security inquiries from partners, customers, and other stakeholders. Assess and manage vendor risk. Develop and track security metrics. Develop and deliver security training and awareness programs. Partner closely with legal, human resources, and other business partners to ensure that GRC considerations are integrated into all aspects of the business. Ideal Skills, Experience, and Competencies: 10+ years of experience in GRC or a related field, with at least 5 years in a leadership role. Strong understanding of security frameworks and certifications, such as ISO 27001, SOC 2, and NIST Cybersecurity Framework (CSF). Experience in developing and managing GRC programs in complex organizations. Experience in risk management, compliance, resilience, security policy and standards, vendor risk management, security metrics, and security training and awareness. Excellent communication and presentation skills. Ability to work independently and as part of a team. Required Education B. A./B. S. in a related field or equivalent work experience. What We Offer: Compensation, Benefits, and Perks As a valued member of our team, you'll enjoy a competitive salary beginning at $153,000 or more, depending on your experience. Our compensation package is benchmarked on local Denver Metro area market rates, with adjustments made for applicable cost of wages in other locations. At Pax8, we believe that your Total Rewards should include a comprehensive benefits package that reflects our appreciation for our greatest assets - our people. As a Full-Time Employee (FTE), you'll enjoy the following benefits: Non-Commissioned Bonus Plans or Variable Commission. 401(k) plan with employer match. Medical, Dental, and Employee Assistance Program. Employer-Paid Short-Term Disability. Flexible, Open Vacation policy. Paid Sick Time Off. Extended Leave for Life events. RTD Eco Pass (for local Colorado Employees). Career Development Programs. Stock Option Eligibility. Employee-led Resource Groups. Why Join Pax8? At Pax8, we're passionate about creating a work environment that's both challenging and rewarding. As a Director of Governance, Risk and Compliance (GRC), you'll have the opportunity to make a meaningful impact on our business, drive our GRC program forward, and grow your career in a dynamic and supportive environment. If you're a seasoned GRC professional looking for a new challenge, we encourage you to apply for this exciting opportunity. Don't worry if you don't meet 100% of the bullet points - we believe in cultivating an environment with a diversity of perspectives, and we're looking for talent that adds to our team. Submit Your Application Seize this opportunity to make a significant impact. Apply now and take the first step towards a rewarding new role. Apply for this job