
Director, Governance, Risk and Compliance

Auctane
paid holidays, tuition reimbursement, flex time, 401(k)
United States, Texas, Austin
May 15, 2025

About us

At Auctane, we are united by a passion to help businesses deliver - whatever their size, wherever they are, and however they operate. We make it possible for businesses to meet the ever-changing requirements of their industry and customer expectations. Auctane products enable hundreds of thousands of businesses to annually mail and ship billions of items - over $200 billion worth - to recipients around the globe.

The Auctane family of mailing and shipping software products includes ShipStation, Stamps.com, ShipStation API, Endicia, Metapack, GlobalPost, Packlink, and Return Rabbit. Our partners include Amazon, UPS, USPS, eBay, BigCommerce, Shopify, WooCommerce, and Walmart.

Our values

Win as One. Delight Customers. Deliver Great Outcomes.

About the role

We are seeking a highly motivated and experienced Director of Governance, Risk & Compliance (GRC) to lead the development and implementation of our GRC program within Auctane. This critical role will be responsible for ensuring the company's compliance with relevant regulations, managing organizational risks, and promoting a strong ethical culture. The ideal candidate will have a deep understanding of GRC principles, strong leadership skills, and a proven track record of success in a fast-paced tech environment.

Provide leadership and management of the IT & Security Governance, Risk and Compliance team to ensure an effective, efficient and proactive approach to governance, risk and compliance, and support incident response activity when needed.

Define and collect metrics / KPIs and periodically report to leadership on overall effectiveness of the Governance, Risk and Compliance team.

This position is hybrid (3 days per week in office) and is located in Austin, Texas.

Travel Requirements: Up to 10% travel required.

What will you be doing?



  • Governance Framework:


    • Develop and maintain the security governance framework, ensuring alignment with industry standards, regulations, and risk appetite.
    • Advise senior management on governance best practices.
    • Ensure adherence to corporate policies and procedures.
    • Maintain Auctane's ISMS, ensuring it remains in compliance with and adheres to corporate policies, procedures, and security standards.
    • Lead on AI, data protection, and governance with regard to the AI Act, GDPR, and US data protection laws.


  • Risk Management:


    • Lead the end-to-end management of the security risk environment and internal security control framework, assisting and supporting risk and control owners in mitigating/resolving cyber and information security risks and control weaknesses, ensuring that the Group continues to operate within risk appetite and regulations.
    • Conduct comprehensive risk assessments to identify and evaluate potential threats and vulnerabilities.
    • Develop and maintain a risk register, prioritizing risks based on their impact and likelihood.
    • Establish and implement risk mitigation strategies and action plans.
    • Monitor and report on the effectiveness of risk management efforts.


  • Compliance Oversight:


    • Lead the SOC 2 compliance program across Auctane.
    • Lead the PCI compliance program across Auctane and ensure compliance.
    • Stay informed of relevant laws, regulations, and industry standards (e.g., AI Act, GDPR, CCPA).
    • Conduct regular internal compliance audits and reviews.
    • Investigate compliance breaches and implement corrective actions.


  • Reporting and Communication:


    • Promote a culture of ethics and compliance.
    • Prepare regular reports on risk, compliance, and governance matters for senior management and the board of directors.
    • Communicate effectively with stakeholders on GRC topics.



What are we looking for?



  • 7+ years of experience with risk management and compliance frameworks, including related regulatory and IT compliance requirements (e.g., SOC 2, NIST 800-53, ISO 27001)
  • Strong understanding of PCI DSS requirements, controls, and assessment processes.
  • Experience within the tech industry is highly desirable
  • Hands-on information security awareness and/or security compliance experience with information security standards, technology and monitoring
  • Highly organized, meticulous attention to detail
  • 4-year degree in business or related field or equivalent experience


What do we offer?



  • We are a hybrid company. All team members at Auctane in Austin come into the office Tuesdays, Wednesdays and Thursdays.
  • Take the reins of your time off with our Flex Time Off policy - because work-life balance should always be in your hands!
  • We offer 12 paid holidays for all of our US employees!
  • 401k employer matching program - because your future deserves a friendly boost!
  • We conduct annual merit reviews to recognize and reward your hard work and achievements.
  • Company events: we work hard, play hard! We do our best every day, even at our regular team-building events.
  • Attractive office space in the heart of central Austin, Texas (free drinks, snacks...).
  • Indulge in weekly catered lunches at our office - a delicious perk to fuel your work.
  • Health and Wellness: The well-being of our team is super important to us. Choose from different options that include medical, dental, and vision plans.
  • Fitness center in the office with Tonal Mirrors, Pelotons, free weights, etc.
  • Employee Assistance Program. We offer up to 8 free mental health sessions.
  • We offer gym discounts to help you stay fit and healthy!
  • We offer education reimbursement to all employees, ensuring that you can pursue your educational goals while excelling in your career with us. Invest in your future and let us support your growth every step of the way.
  • Employee Referral Program! We reward employees helping us find top talent!
  • An inclusive, casual and upbeat work environment. The personality and opinions of each of our team members are important and valid; we aim to offer all employees a safe environment where they can be themselves and thrive.


Additional Position Duties: (The following is a list of what all employees, except those with medical accommodation, may be regularly required to do.)



  • Sit for prolonged periods of time
  • Utilize wrist and hands for a prolonged period of time
  • Walk short distances
  • Stand for short periods
  • Speaking and conversing with others
  • Lift up to 25lbs without assistance up to chest height


Equal Opportunity Employer/Veterans/Disabled

If you are based in California, we encourage you to read this important information about the ShipStation Privacy Policy for California residents linked here.

