Specialist- GRC

About Sirion

Sirion is the world's leading AI–native Contract Lifecyle Management (CLM) platform , transforming the end-to-end contracting journey for enterprises. With Agentic AI at the core, the platform's extraction, conversational search, and AI-enhanced negotiation capabilities have revolutionized contracting across Fortune 500 companies like IBM, Coca Cola, Citi and GE. With more than 800 employees across the globe, Sirion comprises a team of AI engineers, legal experts and researchers who are working relentlessly to build reliable and trustworthy CLM for businesses of tomorrow. Recognized by Gartner, IDC, and Spend Matters as a consistent CLM leader, Sirion sets the innovation benchmark for the category.

For more information, visit www.sirion.ai .

Power the Future of AI & Why This Role Matters

Join us as an Information Security & Data Privacy GRC Professional and help shape the security backbone of our AI-powered SaaS. With deep expertise in information security frameworks, risk management, and data privacy regulations, you will design and implement enterprise-grade governance, risk, and compliance strategies. You will partner with business leaders, engineering teams, and legal experts to safeguard sensitive data, uphold regulatory compliance, and mitigate risks in a fast-paced, innovation-driven environment.

How You'll Make An Impact

• Develop & Implement GRC Frameworks — Design, maintain, and enhance governance, risk, and compliance strategies, policies, and procedures to align with enterprise standards and global regulations.
• Lead Risk Assessments — Conduct vendor, third-party, and internal security assessments to identify and mitigate privacy and security risks.
• Drive Compliance Excellence — Ensure adherence to standards like GDPR, HIPAA, ISO 27001, SOC 2, and PCI DSS through continuous monitoring and process improvement.
• Oversee Data Privacy Programs — Manage initiatives for data classification, governance, and Privacy Impact Assessments (PIAs) to protect sensitive information.
• Act as Privacy SME — Serve as the go-to expert for data privacy matters, collaborating with legal teams to address regulatory inquiries.
• Mitigate Security Risks — Identify, prioritize, and address threats by developing and implementing effective risk controls.
• Promote Security Awareness — Design and deliver engaging training programs to foster a culture of compliance and data protection.
• Collaborate Across Functions — Work closely with IT, Legal, Engineering, and Product teams to embed security and privacy into enterprise operations.
• Mentor & Guide Teams — Provide leadership to junior team members and align stakeholders toward achieving organizational security objectives.

Skills & Experience You Bring To The Table

Experience : 2-4 Years of Proven track record in information security and data privacy GRC, with hands-on expertise in risk management and compliance frameworks.

Core Expertise

Preferred Certifications

Soft Skills

Commitment to Diversity and Inclusion

We are an equal opportunity employer committed to diversity and inclusion. We do not discriminate based on race, color, gender, religion, national origin, ancestry, age, disability, medical condition, genetic information, military or veteran status, marital status, pregnancy, gender identity, sexual orientation, or any other protected characteristic. We provide reasonable accommodations for disabled employees and applicants as required by law. These principles apply to all aspects of employment, including recruitment, training, promotions, compensation, benefits, transfers, and social programs.

Excited about this opportunity

We'd love to hear from you! To apply, simply visit our Career at Sirion page and follow the easy steps to submit your application.

Skills Required

data classification, Pci Dss, Gdpr, Oauth2, Jwt, Hipaa, Iso 27001, Tls