Governance, Risk and Compliance (GRC) Manager

San Francisco OR Remote US/Canada

Scribd logo


The world's largest digital library. Enjoy millions of eBooks, audiobooks, magazines, podcasts, sheet music, and documents. Start now with a free trial.

View all employer listings

Apply now Apply later

At Scribd (pronounced “scribbed”), we believe reading is more important than ever. Join our cast of characters as we work to change the way the world reads by building the world’s largest and most fascinating digital library: giving subscribers access to a growing collection of ebooks, audiobooks, magazines, documents, Scribd Originals, and more. In addition to works from major publishers and top authors, our community includes over 1.5M subscribers in nearly every country worldwide.
The Security, Governance, Risk and Compliance (GRC) organization is a new organization within Scribd.  This person will be a part of a team that ensures Scribd and its stakeholders consistently demonstrate their adherence to applicable laws, regulations, and rules. It is an exciting time to join this organization as we are early on the compliance journey.  This role will be essential to laying the groundwork for the company.  
Our Mission is to protect and prevent damage of data and infrastructure of people and the company. Our Vision is to implement a strong culture of security awareness and practices. Develop automated security systems to detect and prevent unauthorized behavior. This team will support and oversee the company’s technology platform and work with all operational teams and delegates.
You will lead the development, execution and evolution of Scribd’s Information Security, Governance, Risk and Compliance programs. You will ensure Scribd’s compliance with various regulatory standards and programs by continually monitoring and testing the effectiveness of ITGCs. You will identify, quantify, prioritize and help drive to resolution areas of risk across Scribd’s IT operations and business systems.
Responsibilities:Data Management ProgramSet up a new data management program, including analyzing the current environment, standardizing formats, defining rules and processes for data flow, data enrichment and addressing privacy regulations and concerns.  Develop dashboards and KPI’s.
Vendor Management Program Develop an effective vendor management program, including coordination with contract management, establishing vendor performance reviews, addressing privacy and confidentiality issues and overall risk management.
IT SOX Compliance ProgramScribd is completing first year IT SOX compliance.  Initialize IT SOX successfully and move IT SOX into an annual maintenance calendar.Refine existing controls and develop new ones to fill gapsBe the primary contact for Scribd’s Internal Audit functionInterface with external auditors as required
Manage the annual PCI recertification programFacilitate business continuity and disaster recovery programsAssure compliance with domestic and international privacy standards (e.g. GDPR, CCPA, etc)
You Have:
● Bachelor’s degree and 5+ years related work experience or equivalent combination of education and experience● Excellent communication skills needed to interact with various organizational levels● Ability to prioritize in a fast-changing environmentAbility to partner with and lead others not reporting directly to you● Experience and knowledge of cloud infrastructures (AWS, GCP, Azure)● Experience in maintaining a control environment in an engineering and IT organization, including:   - Strong technical knowledge of IT General Control design and test execution.  - Knowledge of compliance frameworks is a must: Sarbanes-Oxley (SOX), Payment Card Industry Data Security Standard (PCI-DSS)  - General knowledge of applicable data privacy practices and laws (e.g. GDPR)  - Proven, in-depth technical knowledge of Information Security principles and processes  - Experience writing precise and auditable policies, control objectives, and procedural documentationProven experience in a GRC framework.
Ideally You Have:
● Certifications such as CISA, CISSP, CCSK, CDPSE, CRISC

Benefits, Perks, and Wellbeing at Scribd
• Healthcare Benefits: Scribd pays 100% of employee’s Medical, Vision, and Dental premiums and 70% of dependents• Leaves: Paid parental leave, 100% company paid short-term/long-term disability plans and milestone Sabbaticals• 401k plan through Fidelity, plus company matching with no vesting period• Equity - Every employee is an owner in Scribd! • Generous Paid Time Off, Paid Holidays, Flexible Sick Time, Volunteer Day + office closure between Christmas Eve and New Years Day• Referral bonuses• Professional development: generous annual budget for our employees to attend conferences, classes, and other events• Company-wide Diversity, Equity, & Inclusion programs which include learning & development opportunities, employee resource groups, and hiring best practices.• Learning & Development and Coaching programs• Monthly Wellness, Connectivity & Comfort Benefit• Concern mental health digital platform• Work-life balance flexibility• Company events + Scribdchats• Free subscription to Scribd + gift memberships for friends & family
Want to learn more? Check out our office and meet some of the team at
Scribd is committed to equal employment opportunity regardless of race, color, religion, national origin, gender, sexual orientation, age, marital status, veteran status, disability status, or any other characteristic protected by law.
We encourage people of all backgrounds to apply. We believe that a diversity of perspectives and experiences create a foundation for the best ideas. Come join us in building something meaningful.
Job region(s): North America
Job stats:  1  1  0
  • Share this job via
  • or

Explore more Remote Work and WFH career opportunities