Founding GRC Lead

Pallet · San Francisco
$175K–$225K/yr · Full-time · On-site · 4d ago
AWS · Compliance · Encryption · GCP · GDPR · Generative AI

About the role

Pallet is hiring its first dedicated GRC leader to own how we earn and keep trust: with customers, auditors, and regulators. You'll run our SOC 1 and SOC 2 programs, build our GDPR and CCPA privacy operations, and work shoulder-to-shoulder with engineering, product, sales, and legal to make compliance something Pallet is good at, not something it survives. This role reports directly to leadership and is the foundation of a function you will own end to end, and eventually grow.

Why this role is different:

- You're the first. No inherited process, no legacy bureaucracy: you design the compliance operating model from a blank page, with the GRC tooling and executive support to do it right.
- Revenue-facing, not back-office. Enterprise deals at Pallet increasingly hinge on security posture. You'll sit in on customer conversations, own the trust narrative, and directly unblock sales.
- Full-spectrum scope. Most GRC roles silo you into audit or privacy or vendor risk. Here you own all of it, with the engineering proximity to actually change how things get built.
- Surround yourself with top-tier talent and fast-track your career: this is a foundational seat with a clear path to building and leading a team.

How you will make an impact:

- Run SOC 1 and SOC 2 Type II audit cycles end to end: control design, evidence automation, auditor relationships, and clean reports delivered on schedule, every cycle.
- Build Pallet's privacy program for GDPR and CCPA/CPRA: data inventory and mapping, DSAR handling, DPAs, and privacy reviews baked into product development.
- Primary point of contact for external auditors and assessors in collecting evidence, audit responses, timelines. Translate audit findings into actionable plans.
- Implement continuous-compliance infrastructure so audit readiness is a byproduct of how we operate, not an annual fire drill.
- Embed security and privacy controls into engineering and product workflows, earning adoption through partnership rather than mandate.
- Stand up vendor risk management: security reviews, DPA negotiation support, and an ongoing third-party risk register.
- Own the customer-facing trust motion (security questionnaires, trust center, customer audits) and measurably shorten enterprise sales cycles.

Preferred experience:

- 7-12 years across GRC, security compliance, or audit, including full ownership of at least two SOC 2 Type II cycles.
- Built or significantly matured SOC, ISO, GDPR, and privacy compliance programs in-house - you've operationalized privacy, not just advised on it.
- Technically credible with engineers: comfortable discussing access controls, encryption, logging, and cloud infrastructure (AWS/GCP) without needing translation.
- Deep hands-on experience with compliance automation platforms and evidence workflows.
- Startup-calibrated judgment: you know which risks matter, build lightweight process, and have certifications (CISA, CISSP, ISO 27001 LA) as a bonus rather than a substitute for experience.

Interview Process:

- Chat with Christy - Business Recruiter - 30 mins
- Chat with Austin Zheng - 30-45 mins
- Proficiency Assessment
- Final Interview - 3-4 hours
- Brief Background Check and Reference Check

We move fast, and we'll keep you informed at every stage of the process.

Location: This role is an in-office role in our San Francisco office (5 mins walk from Montgomery BART Station).

Benefits

The estimated salary range for this role is $175,000-$225,000, depending on experience and skill set. In addition to base salary, we offer competitive equity, benefits, and opportunitie

Equity / stock options · Performance bonus

Additional Information

About Pallet

Pallet is building AI Agents to transform logistics - a $12 trillion global industry. We've raised $50M from top investors, including General Catalyst, Bessemer Venture Partners, and Bain Capital Ventures. In under two years, we've achieved 700% revenue growth and are just getting started.

Our mission is to increase the efficiency of the global supply chain by automating the manual workflows that slow logistics teams down - from scheduling and appointment setting to data entry and load management. Our flagship platform provides end-to-end visibility, control, and optimization, while our newest product, CoPallet, introduces AI Agents that can understand and execute requests in real time, and integrate directly with customer systems.

As logistics providers look to generative AI to drive efficiency, many are turning to Pallet to lead the way. With deep industry expertise and cutting-edge AI capabilities, we're positioned to build the next $10B company in logistics. Join us and work alongside leaders from Google, DoorDash, YC, and more to shape the future of logistics tech.

You could be a GRC Lead anywhere, why us?

- Join a well-funded, high-growth startup on the path to IPO ($50M raised, 700% revenue growth in 2 years, targeting a $6T market)
- Work directly with our Head of Finance and CTO
- Help transform a massive industry and scale us toward a $10B+ business

