Director, GRC & IT

Lead Aurora Solar's Security and Compliance programs, shaping the future of solar. Drive global information security, compliance, and risk management. Join as Director, GRC & IT in a remote-first team.

Aurora Solar
Aurora Solar
San Francisco, United States  UTC-08:00   Remote   Full Time   251-500   34 days ago

We’re searching for a senior leader to lead our Security and Compliance programs, and oversee our IT team. Reporting to the Senior Director of Engineering, the Director GRC & IT will have an immediate impact on the company by advancing our existing security and compliance programs and guiding our IT team. The ideal candidate will have demonstrable experience in IT, security and compliance in a growth stage B2B SaaS environment.

Your Impact

The Director GRC & IT will be responsible for leading Aurora’s global information security, data protection, and compliance programs. This role involves ensuring compliance with GDPR, SOC 2, and other relevant regulations and standards. The individual will manage risk, oversee security operations, develop and implement security policies, and ensure that all business processes meet industry standard security, legal and regulatory requirements.

  • Develop and implement a comprehensive security and compliance strategy that aligns with Aurora’s business goals. Stay current with industry trends, threats, and technology solutions to proactively manage security risks.
  • Drive all compliance initiatives including GDPR, CCPA, SOC2, ISO27001 etc. in close partnership with all departments through all phases of development, planning, execution, and maintenance
  • Be the public face of Aurora’s posture on security and compliance to our customers and prospects. Take ownership of driving confidence in our security posture through conversations and security questionnaire responses to unblock revenue opportunities across a global customer base
  • Develop and maintain an incident response plan. Lead the response to security incidents, ensuring timely resolution and communication. Conduct post-incident reviews and root cause analyses to prevent recurrence
  • Be the thought leader and driver for Aurora Solar’s long-term security and compliance strategy and posture – corporate, cloud, and application
    • Foster a culture of “security in everything we do” across all levels of the organization
    • Establish annual and long-range security and compliance goals, define security strategies, metrics, reporting mechanisms and program services; and create maturity models and a roadmap for program improvements
    • Develop and deliver security and compliance training programs for employees at all levels
    • Lead the development and implementation of effective policies and practices to secure protected and sensitive data and ensure information security and compliance with relevant legislation and legal interpretation
    • Develop and implement policies and frameworks governing the use of AI within the organization. Monitor and assess AI-related risks and ensure appropriate controls are in place
    • Lead efforts to internally assess, evaluate and make recommendations to management regarding the adequacy of the security controls for our applications, infrastructure and products
    • Work closely with business and technical leaders on a wide variety of security issues that require an in-depth understanding of infrastructure, cloud based applications and architecture
    • Examine impacts of new technologies on the organization's overall information security
  • Work with Aurora’s legal department to ensure that corporate governance practices meet regulatory and legal requirements
  • Oversee our IT team and initiatives

What You Bring

  • 7+ years of experience leading IT, security, and compliance operations at a growth stage SaaS company
  • Strong interpersonal and communication skills with the ability to influence at all levels of the organization
  • A successful track record of leading the planning, execution and maintenance phases of complex security and compliance programs such as SOC2. Expertise in designing and implementing corporate and customer security policies
  • Exercising sound judgment and common sense when it comes to security and compliance posture to strike the right balance between the spirit and the letter of the compliance framework/law
  • Up-to-date knowledge of relevant regulatory frameworks, applicable laws and regulations
  • Strong incident response skills, with the ability to lead investigations, coordinate with stakeholders, and implement corrective actions
  • Strong project management skills with the ability to handle multiple projects simultaneously and meet deadlines
  • Proven experience in managing security operations across multiple regions or countries, understanding global security landscapes and compliance requirements

Nice to Haves

  • CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), CISA (Certified Information Systems Auditor), or equivalent security certifications are not necessary but highly desirable.
  • Experience with Vanta or other GRC tooling
  • Understanding of Agile development methodologies
  • Experience in a fast growth startup environment

What We Offer

  • 🏖️Flexible PTO - Take the time when you need it
  • 🍼Parental Leave - 16 weeks with 100% base salary + gradual return to work
  • 💰WFH Stipend - An initial $675 CAD(Non-engineers) or $1000 CAD (Engineering roles)
  • 🏢 Coworking Stipend - $400 CAD / month if you prefer to be at a coworking facility near you
  • ☀️Energize Fridays - Company-wide days to log off and recharge
  • 📶Connectivity Stipend - Up to $100 CAD / month towards internet or phone
  • 🩺Medical, Dental, and Vision - Aurora will cover 100% of premiums for employee-only and dependent coverage of our supplemental medical, dental, and vision plans
  • Please take a look at our 2024 Canadian Benefits Booklet for a deeper dive into our offerings

Discover how you’re connected

View connections

See your contacts at Aurora Solar on LinkedIn to leverage your network in applying for this position.

Apply now

Job expired?
Apply now

Please let Aurora Solar know you found this job on Rejobs. This will help us grow and get more people to work on renewable energy!

About the role

Jun 17, 2024

Full Time


Dec 10, 2024


Aurora Solar

San Francisco, United States



Similar jobs near San Francisco, United States

Director, Project Development, East

Clearway Energy Group

San Francisco, United States   Hybrid   Full Time   USD 175k–220k

Senior Project Manager Development - Central Region

NextEra Energy

Juno Beach, FL / San Francisco, CA, United States   Hybrid   Full Time

Senior Supplier Industrialization Engineer, Electronics

Form Energy

Berkeley, CA, United States   On-site   Full Time

Senior Test Development Engineer

Form Energy

Berkeley, CA, United States   On-site   Full Time

Senior Chemical Engineer

Form Energy

Berkeley, CA, United States   On-site   Full Time   USD 124k–139k

Preventative Maintenance Field Service Technician III - Energy Storage

Fluence Energy

San Francisco, CA, United States   On-site   Full Time   USD 39–45

Solutions Engineer, Energy Storage

Anza Renewables

Oakland, United States   On-site   Full Time   USD 130k–150k

Intermediate Solutions Engineer - Energy Industry

Buzz Solutions

San Francisco, United States   Flexible   Full Time

Share with Friends

The stakes are high, and the time for talk has passed. Now is the time for action. Help a friend accelerate the shift to a sustainable future.

Share this job - Director, GRC & IT - with your folks, and help them find a career to be proud of.