Join our Talent Network
Skip to main content

Security GRC Program Manager


Remote, United States

Job ID: R01117

Save Job Saved


Confluent is pioneering a fundamentally new category of data infrastructure focused on data in motion. Have you ever found a new favorite series on Netflix, picked up groceries curbside at Walmart, or paid for something using Square? That’s the power of data in motion in action—giving organizations instant access to the massive amounts of data that is constantly flowing throughout their business. At Confluent, we’re building the foundational platform for this new paradigm of data infrastructure. Our cloud-native offering is designed to be the intelligent connective tissue enabling real-time data, from multiple sources, to constantly stream across the organization. With Confluent, organizations can create a central nervous system to innovate and win in a digital-first world.  


We’re looking for self-motivated team members who crave a challenge and feel energized to roll up their sleeves and help realize Confluent’s enormous potential. Chart your own path and take healthy risks as we solve big problems together. We value having diverse teams and want you to grow as we grow—whether you’re just starting out in your career or managing a large team, you’ll be amazed at the magnitude of your impact.  


About the Role:  

As the Governance, Risk, and Compliance Specialist in the Trust, Security & Reliability organization, you will play a critical role in fulfilling the vision to secure Confluent’s platform and cloud offerings through a combination of technical expertise, security risk management, customer assurance, third-party risk management, and excellent program management skills. You should be experienced in creating and maintaining risk registers, developing and reporting on key risk indicator(s), conducting third party risk assessment, and facilitating security control discussions with internal and external stakeholders, and customers.  


What You Will Do:  

  • Help support various parts of the company to adopt a common risk and control framework  
  • Perform third-party risk assessments to maintain oversight of third-party vendors  
  • Help with maintenance of risk register and issue management programs to ensure security risks are centrally and consistently cataloged, appropriately monitored, reported and risk treatment decisions are clearly documented  
  • Assist in periodic re-validation of our Top Risks and drive improvements for risk reduction  
  • Assist with the implementation and operation of Governance Risk and Compliance (GRC) tooling to further improve and automate our GRC processes  
  • Assist with all ongoing compliance activities related to the implementation, maintenance, monitoring, and continuous improvement of the Information Security Management System (ISMS)  
  • Evaluate the effectiveness of information security controls and performance by developing, monitoring, gathering, and analyzing information security and compliance metrics for management  
  • Advise and collaborate with SMEs, including Audit & Compliance teams, to ensure adequate security controls are in place to manage risk and are aligned with leading best practices  
  • Perform security policy and standard gap analysis, propose and evaluate appreciate changes  


What You Will Bring:  

  • Experience working with Agile methodology, JIRA, and GRC tools  
  • 2-5 years of relevant industry experience   
  • Strong knowledge of and experience in security risk management lifecycle  
  • Familiar with security compliance frameworks and requirements, e.g., SOC 1/2, HITRUST, FedRAMP, IRAP, PCI, ISO27001, NIST CSF  
  • Experience in third party risk assessment and third party risk continuous monitoring  
  • Experience in security policy governance lifecycle  
  • Experience working with, Cloud technologies/environments, AWS or other related cloud experience is required  
  • Strong communication, interpersonal and leadership skills to work with both engineering and other non-technical stakeholders  
  • Strong security and compliance domain knowledge  
  • Bachelor's degree in Computer Science, a related field or equivalent practical experience  



Come As You Are  


At Confluent, equality is a core tenet of our culture. We are committed to building an inclusive global team that represents a variety of backgrounds, perspectives, beliefs, and experiences. The more diverse we are, the richer our community and the broader our impact. Employment decisions are made on the basis of job-related criteria without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or any other classification protected by applicable law.  



At Confluent, we are committed to providing competitive pay and benefits that are in line with industry standards. We analyze and carefully consider several factors when determining compensation, including work history, education, professional experience, and location.  This position has an annual estimated salary of $125,000 - $146,880 USD, an annual bonus, and a competitive equity package. The actual pay may vary depending on your skills, qualifications, experience, and work location. In addition, Confluent offers a wide range of employee benefits. To learn more about our benefits click HERE.  


Click HERE to review our Candidate Privacy Notice which describes how and when Confluent, Inc., and its group companies, collects, uses, and shares certain personal information of California job applicants and prospective employees.  



Global Benefits to Help You Do Your Best Work

Leadership Principles Define How we Act

Our Leadership Principles outline a shared set of expectations for how we think and behave at Confluent. They’re an extension of our company values which we all live each day. You can learn more here.

Confluent is Remote-First

At Confluent, we care about how you work - not where. We encourage you to apply for positions outside of the listed job location or your immediate region.

Share this post