Director, Head of Governance, Risk & Compliance (GRC)
Dremio is seeking a Director, Head of Governance, Risk & Compliance (GRC) to lead the company's efforts in building a secure, compliant, and resilient operating foundation across its software and cloud platforms. This leadership role encompasses oversight of Governance, Risk & Compliance, as well as the IT and Security functions, integrating risk management, compliance, and security architecture into a cohesive strategy. The Director will collaborate closely with Engineering, Product, and Security Architecture teams to embed compliance and security by design, develop scalable governance models, and ensure that Dremio's technology and operations meet the trust standards expected by customers and regulators.
Key responsibilities include building and overseeing the company's enterprise-wide GRC framework, integrating risk, compliance, IT, and security disciplines. The role involves partnering with Finance, Legal, and Product teams to align governance and control frameworks with business objectives and growth strategy. Maintaining a comprehensive enterprise risk register, performing ongoing assessments, and ensuring consistent documentation and audit readiness for key frameworks such as SOC 2, ISO 27001, GDPR, CCPA, PCI, and FedRAMP are also essential duties.
The ideal candidate will possess a Bachelor's or Master's degree in Computer Science, Information Security, or a related field, with 8-10 years of progressive experience in GRC, IT Security, or compliance, including at least 3 years in a leadership role within a software, SaaS, or cloud-based company. A strong understanding of cloud architectures and modern DevSecOps practices, deep knowledge of compliance frameworks, and the ability to collaborate with Engineering and Product teams to translate compliance requirements into practical, sustainable controls are crucial. Excellent communication skills are necessary to simplify complex technical and regulatory topics for executive and cross-functional audiences.
Dremio offers a comprehensive benefits package, including medical, dental, and vision insurance, a 401(k) plan, short-term and long-term disability and life insurance, pre-IPO stock options, flexible PTO, 16 hours of volunteer time off, 12 company-paid holidays (including Juneteenth), remote work options, paid parental leave, an Employee Assistance Program (EAP), and biannual swag surprises.
Dremio values high standards in People, Thinking, and Action. Employees, known as 'Gnarlies,' are expected to communicate with clarity, drive accountability, and show respect for one another. The company focuses on results, operates with a sense of urgency, and builds momentum, creating an environment where proactive individuals can thrive.