All roles

Open role

Security GRC Manager

Remote · Indonesia Full-time

Job Description:

  • Own and mature Hex’s security and privacy compliance program across SOC 2, ISO 27001, ISO 27701, HIPAA, GDPR, CCPA, PCI DSS, and other frameworks relevant to our business
  • Ensure continuous audit readiness: maintain controls, gather evidence, manage auditors, and implement improvements.
  • Track regulatory and industry changes, advising Hex leadership on impact and recommended responses.
  • Maintain and develop core security policies, standards, and procedures, tailoring them to Hex’s real operating environment.
  • Own Hex’s risk management lifecycle: identify, assess, track, and drive mitigation of security, privacy, operational, and regulatory risks.
  • Build lightweight but effective governance processes, ensuring clear ownership, documentation, and accountability.
  • Serve as the primary owner of customer and prospect security questionnaires, risk assessments, and contractual security provisions.
  • Manage and improve Hex’s Trust Center / trust portal, ensuring accurate and compelling communication of Hex’s security posture.
  • Lead internal and external audits from planning through remediation.
  • Own Hex’s third-party risk management program, including vendor assessments, reviews, and ongoing monitoring.
  • Define and run security awareness training tailored to Hex’s environment.

Requirements:

  • 5–8+ years in GRC, compliance, security engineering, privacy, audit, or a related field
  • Deep familiarity with frameworks such as SOC 2, ISO 27001, ISO 27701, PCI DSS, HIPAA, GDPR, and associated security controls
  • Experience running or contributing significantly to audit cycles and certification processes
  • Technical literacy in cloud-native environments (AWS preferred), SaaS architectures, and modern security tooling
  • Ability to understand and explain product architecture, data flows, and control implementations to auditors and customers

Benefits:

  • Competitive total rewards package
  • Comprehensive health benefits
  • Flexible paid time off

Apply To This Job

More open positions

Product GRC SME

Work from home Full-time role

Technical Program Manager (Product Development) Risk & GRC

Work from home Full-time role

Cybersecurity Analyst(Remote)

Work from home Full-time role

[Remote] Information Security – Governance, Risk, and Compliance (GRC) Director (Remote)

Work from home Full-time role

Controls Testing Analyst (Audit/GRC Analyst)

Work from home Full-time role

Senior Manager | Sales Technology PwC - Oil & Gas, Energy

Work from home Full-time role

Retail Part-Time Store Associate, Fabletics (Westfield Century City - Los Angeles, CA)

Work from home Full-time role

Commercial Lines, Inside Sales Agent (REMOTE)

Work from home Full-time role

Motion Graphics Designer / Animator, AV

Work from home Full-time role

Workday Support Consultant (Pay Transparency Analyzer)

Work from home Full-time role

reputed company US Immigration Paralegal - Remote | Workwarp (reputed company Family of Companies)

Work from home Full-time role

[Remote] Sales Development Representative

Work from home Full-time role

[Remote] Administrative Assistant 3

Work from home Full-time role

SEO​/SEM Senior Specialist; Remote

Work from home Full-time role

[Remote] AI Engineer

Work from home Full-time role

[Remote] Principal Machine Learning Engineer, ML Platform

Work from home Full-time role

LMS Administrator: Optimize Learning Platform (Remote)

Work from home Full-time role

Founding Legal Engineer

Work from home Full-time role

Part‑Time Remote Customer Service Care Representative (CCR) – Data Entry & Administrative Support – Flexible Hours – Ohio (Work‑From‑Home)

Work from home Full-time role

Experienced Telemarketing and Customer Service Associate – Flexible Role for College Students and Fresh Graduates

Work from home Full-time role

Human Resources Generalist - Remote/Hybrid - Los Angeles, CA

Work from home Full-time role