GRC Manager at Baseten | Hybrid Hired

About the role

GRC Manager overseeing security governance and compliance at AI infrastructure company Baseten. Lead initiatives for SOC 2, ISO 27001, and GDPR compliance while fostering collaboration across teams.

Responsibilities

Governance & Policy Development: Design, implement, and maintain security governance frameworks, policies, and procedures that align with Baseten’s risk posture and industry best practices.
Risk Management: Build and manage the company-wide risk assessment program, identifying, tracking, and mitigating key security and compliance risks.
Compliance Operations: Lead efforts to achieve and maintain compliance with SOC 2, ISO 27001, GDPR, and other applicable standards and regulations.
Audit & Certification Management: Coordinate external audits and certification processes, ensuring evidence collection, control validation, and remediation plans are executed efficiently.
Third-Party Risk Management: Oversee vendor security assessments and ensure third-party providers meet Baseten’s security and compliance standards.
Cross-Functional Collaboration: Partner with Engineering, Product, and Operations teams to embed compliance and risk management into day-to-day operations and technical processes.
Customer Trust & Assurance: Support customer security questionnaires, due diligence efforts, and documentation requests from prospective and existing clients.
Training & Awareness: Develop and deliver security and compliance training to ensure company-wide understanding of key policies and responsibilities.
Continuous Improvement: Stay current on evolving regulatory requirements and lead initiatives to mature our compliance and risk management programs.

Requirements

5+ years of experience in GRC, Security Compliance, or Information Security roles, ideally in a SaaS or cloud-native environment.
Strong understanding of security frameworks and standards such as SOC 2, ISO 27001, NIST, and GDPR.
Proven track record managing compliance audits and certification programs end-to-end.
Familiarity with risk management methodologies, control design, and governance frameworks.
Experience working cross-functionally with technical and non-technical stakeholders to implement compliance controls.
Excellent organizational, documentation, and communication skills with attention to detail.
Ability to thrive in a fast-paced, high-growth startup environment while maintaining structure and process discipline.

Benefits

Competitive compensation, including meaningful equity.
100% coverage of medical, dental, and vision insurance for employee and dependents
Generous PTO policy including company wide Winter Break (our offices are closed from Christmas Eve to New Year's Day!)
Paid parental leave
Company-facilitated 401(k)
Exposure to a variety of ML startups, offering unparalleled learning and networking opportunities.

Similar roles

Browse all Compliance jobs

9 hours ago

GG

Consultant GMP Compliance, Quality Assurance

gempex GmbH

Consultant for GMP compliance and quality assurance in Life Sciences. Engage in validation projects and assist in compliance documentation.

Onsite Role

Sisseln Switzerland Compliance

9 hours ago

GG

Senior Projekt Ingenieur – GMP Compliance, Life Sciences

gempex GmbH

Senior Project Engineer focusing on GMP Compliance in the Life Sciences sector. Responsible for project planning, execution, and client communication in Mannheim, Germany.

Onsite Role

Mannheim Germany Compliance

9 hours ago

GG

Senior Consultant, Compliance Medical Devices

gempex GmbH

Senior Consultant managing Compliance projects in the medical devices sector with a focus on Quality & Regulatory. Collaborating with a dynamic team in a leading GMP - expert company.

Onsite Role

Mannheim Germany Compliance

10 hours ago

LI

Regulatory CMC Manager, Regulatory Consulting

Lifelancer

Regulatory CMC Manager supporting multi - product global regulatory CMC for products at Marketing Authorisation Application Stage. Focused on documentation preparation, submissions, and providing regulatory support.

Hybrid Role

London United Kingdom Compliance

3 days ago

VO

Satellite Policy & Regulation Manager

Vodafone

Manage Vodafone's satellite communications policy and regulations while collaborating with teams. Engage in strategic initiatives and develop regulations to support satellite ambitions.

Onsite Role

United Kingdom Compliance

3 days ago

SA

Compliance Analyst, AML

Sabiá Administração

Compliance Analyst managing fraud prevention strategies and governance in Brazil's iGaming sector. Ensuring compliance with regulations and internal policies in a dynamic environment.

Hybrid Role

Belo Horizonte Brazil Compliance

3 days ago

RS

Consultor GRC, Pleno

Redbelt Security

GRC Consultant implementing governance, risk, and compliance projects for cybersecurity at Redbelt Security. Evaluating processes and recommending improvements to enhance cybersecurity effectiveness.

Hybrid Role

São Paulo Brazil Compliance

3 days ago

JO

Compliance Engineer, GCS-CSO

Jobs2web

Customs Compliance Engineer focusing on customs classification and supporting import/export activities at Universal Robots. Collaborating with teams in Denmark and maintaining classification codes.

Onsite Role

Cebu Philippines Compliance

3 days ago

NG

Principal International Trade Compliance Analyst

Northrop Grumman

International Trade Compliance Analyst specialized in export logistics and regulatory compliance for the defense industry. Collaborating with programs and stakeholders to ensure compliant exports while maintaining accurate records.

Hybrid Role

Irving United States Compliance

$81,400 - $141,200 per year

3 days ago

DC

Regulatory Coordinator

Duke Careers

Regulatory coordinator overseeing various industry, Federal, and Foundation clinical trials. Facilitating compliance, documentation, and safety reporting processes in support of healthcare research.

Onsite Role

Durham United States Compliance