
Manager, GRC Subject Matter Experts, Product

Vanta · Remote
$230K–$311K/yr · Full-time · Remote · 1mo ago
Compliance · HIPAA · Leadership · PCI DSS · Risk Management · SOC 2
Benefits

Health insurance

Additional Information

At Vanta, our mission is to help businesses earn and prove trust. We believe that security should be monitored and verified continuously, and we empower companies to practice better security and prove it with ease. Vanta has a kind and talented team, and while some have prior security experience, many have been successful at Vanta without it.

As Vanta rapidly grows and moves upmarket, we're working with increasingly sophisticated customers who have complex security and compliance needs across a wide range of industries and geographies. The GRC Subject Matter Experts, Product team sits at the heart of how Vanta meets that demand - they are the GRC authorities behind every framework, test, and piece of compliance content the platform ships, and they partner directly with Product, Engineering, and Design to shape the GRC Frameworks part of the product.

As the Manager of the GRC Product Subject Matter Experts team at Vanta, you will lead the team responsible for the lifecycle, quality, and product integration of Vanta's frameworks, tests, and broader GRC content. Your team spans commercial frameworks, government frameworks, test authoring, framework quality uplift, and framework maintenance, and their work touches everything from SOC 2, ISO 27001/27701, HIPAA, PCI DSS, and NIST to FedRAMP and emerging regulations. You will manage and develop this team while also owning and governing the end-to-end framework release process in partnership with Product and Engineering.

You'll join Vanta's Security organization, which provides essential security operational services, is directly involved in the software development process, sets policies and standards regarding enterprise-wide security requirements, and offers advisory services to enable our business to thrive while effectively managing risk.

If you're someone with deep GRC expertise, a track record of developing people, and the program instincts to drive a high-volume content and product release engine, we'd love to hear from you.

What you'll do as a Manager of GRC Subject Matter Experts, Product at Vanta:

- Hire, mentor, and develop a team of SMEs covering commercial frameworks, government frameworks, test authoring, framework quality uplift, and framework maintenance - planning for current and future capacity needs, setting the bar for technical depth and content quality, and preparing high performers for broader scope
- Build a stable, motivated team environment with clear operating rhythms, delegating effectively to grow ownership and capability, and partnering with your leader and People Business Partner to spot and address team health issues early
- Connect the team's roadmap and content priorities to Vanta's broader product and company strategy, anticipating near-term shifts in customer needs, regulatory landscape, and product direction, and adjusting focus to keep the team aligned
- Create open feedback loops within the team and adapt how you communicate priorities, decisions, and risks across different audiences - from individual contributors to engineering, GTM partners, customers, and executives
- Lead the team through change with steadiness while holding yourself and them accountable for commitments - communicating progress and risks proactively, addressing misses directly, and creating an environment where mistakes are treated as learning opportunities rather than blame
- Own and govern Vanta's framework release process end-to-end, partnering with Product and Engineering to define the playbook for how new frameworks, framework updates, automated tests, crosswalks, and content are scoped, built, reviewed, and shipped
- Drive the program management work that surrounds GRC content - including new framework launches, framework updates, update notes, customer escalations, content and test requests, PMM material reviews, and licensing and pricing input
- Track team performance and report KPIs and metrics to security and product leadership, including framework release velocity, content quality, adoption, time-to-evidence, and customer impact
- Break down ambiguous and competing priorities - across framework launches, framework updates, test authoring, and quality uplift - into clear, actionable decisions, balancing customer demand, market opportunity, and engineering capacity, and escalating complex tradeoffs with context and a recommended path forward
- Lead the quality uplift effort for older commercial frameworks, ensuring Vanta's full library meets a consistent and modern standard for control wording, evidence specificity, and testing method
- Set direction for the team's work on crosswalks and mappings across security and privacy frameworks, including canonical control IDs, mapping confidence, and evidence data dictionaries, and partner with Engineering to operationalize them in-product
- Steer the team's contribution to the broader GRC product surface - risk management, issue and corrective action management (POA&M), policy management, access reviews, Trust C

