GRC and Third-Party Risk Manager

Delhi
G&A – Information Technology /
Remote
About HighLevel:  
HighLevel is a cloud-based, all-in-one white-label marketing and sales platform that empowers marketing agencies, entrepreneurs, and businesses to elevate their digital presence and drive growth. With a focus on streamlining marketing efforts and providing comprehensive solutions, HighLevel helps businesses of all sizes achieve their marketing goals. We currently have 1000+ employees across 15 countries, working remotely as well as in our headquarters, which is located in Dallas, Texas. Our goal as an employer is to maintain a strong company culture, foster creativity and collaboration, and encourage a healthy work-life balance for our employees wherever they call home.

Our Website - https://www.gohighlevel.com/
YouTube Channel - https://www.youtube.com/channel/UCXFiV4qDX5ipE-DQcsm1j4g
Blog Post - https://blog.gohighlevel.com/general-atlantic-joins-highlevel/

Our Customers:
HighLevel serves a diverse customer base, including over 60K agencies & entrepreneurs and 450K million businesses globally. Our customers range from small and medium-sized businesses to enterprises, spanning various industries and sectors.

Scale at HighLevel:
We work at scale; our infrastructure handles  around 3 Billion+ API hits & 2 Billion+ message events monthly and over 25M views of customer pages daily. We also handle over 80 Terabytes of data across 5 Databases.

About the Team:
Currently we have millions of sales funnels, websites, attributions, forms and survey tools for lead generation. Our B2B customers use these tools to bring in the leads to the HighLevel CRM system. We are working to continuously improve the functionality of these tools to solve our customers’ business needs. In this role, you will be expected to be autonomous, guide other developers who might need technical help, collaborate with other technical teams, product, support and customer success

About the Role:
We are looking for a dedicated Information Security Specialist - GRC to oversee our compliance efforts, manage third-party risks, and guide us through certification processes. This role is crucial in ensuring our organization meets regulatory requirements and effectively manages vendor risks and works directly with Director Cyber Security and Architecture.

What You Will Do:

    • Develop and maintain GRC policies, procedures, and controls
    • Lead efforts to achieve and maintain certifications (e.g., SOC 2 Type 2, ISO 27001)
    • Manage the third-party risk assessment process
    • Conduct regular risk assessments and develop mitigation strategies
    • Oversee internal and external audits
    • Implement and manage GRC tools and platforms
    • Provide GRC training and awareness programs for employees
    • Stay current with relevant laws, regulations, and industry standards
    • Prepare reports for senior management on GRC and third-party risk status

What You Bring:

    • Required Qualifications- Bachelor's degree in Business Administration, Information Systems, or related field
    • 5+ years of experience in GRC, compliance, or risk management
    • Strong knowledge of information security frameworks and standards (e.g., NIST, ISO 27001, SOC 2)
    • Experience with third-party risk management processes
    • Familiarity with relevant regulations and compliance requirements
    • Excellent organizational and project management skills
    • Strong analytical and problem-solving abilities
    • Exceptional communication and interpersonal skills

Qualifications

    • Master's degree in a relevant field
    • Relevant certifications such as CISA, CRISC, CGEIT, or equivalent
    • Experience implementing and managing GRC tools
    • Knowledge of data privacy laws and regulations (e.g., GDPR, CCPA)
    • Experience in technology or SaaS companies
EEO Statement: 
At HighLevel, we value diversity. In fact, we understand it makes our organisation stronger. We are committed to inclusive hiring/promotion practices that evaluate skill sets, abilities, and qualifications without regard to any characteristic unrelated to performing the job at the highest level. Our objective is to foster an environment where really talented employees from all walks of life can be their true and whole selves, cherished and welcomed for their differences while providing excellent service to our clients and learning from one another along the way! Reasonable accommodations may be made to enable individuals with disabilities to perform essential functions.