Senior Director, Global Head of GRC

External

Proofpoint · Sunnyvale, CA

Full-timeOn-siteToday

ComplianceInformation SecurityLeadershipPCI DSSRisk ManagementSOC 2

Cover Letter Connect

Prepare for this interview

Elite

AI-generated questions, company research, and talking points tailored to this role

About the role

Proofpoint is a global leader in human- and agent-centric cybersecurity. We protect how people, data, and AI agents connect across email, cloud, and collaboration tools. Over 80 of the Fortune 100, 10,000 large enterprises, and millions of smaller organizations trust Proofpoint to stop threats, prevent data loss, and build resilience across their people and AI workflows. Our mission is simple: safeguard the digital world and empower people to work securely and confidently. Join us in our pursuit to defend data and protect people. How We Work: At Proofpoint you'll be part of a global team that breaks barriers to redefine cybersecurity guided by our BRAVE core values: Bold in how we dream and innovate Responsive to feedback, challenges and opportunities Accountable for results and best in class outcomes Visionary in future focused problem-solving Exceptional in execution and impact Senior Director, Global Head of GRC Location: Sunnyvale, CA Department: Information Security Reports To: Chief Information Security Officer (CISO) Company Overview Proofpoint is a global leader in human- and agent-centric cybersecurity, securing how people, data and AI agents connect across email, cloud and collaboration tools. Proofpoint is a trusted partner to over 80 of the Fortune 100, over 10,000 large enterprises, and millions of smaller organizations in stopping threats, preventing data loss, and building resilience across people and AI workflows. Proofpoint's collaboration and data security platform helps organizations of all sizes protect and empower their people while embracing AI securely and confidently. Role Overview The Senior Director, Global Head of GRC owns Proofpoint's global trust strategy-defining how the company manages risk, achieves regulatory compliance, and enables secure growth across commercial, public sector, and defense markets. Reporting to the CISO, this role is accountable for building and scaling a modern, business-aligned GRC function that transforms compliance into a strategic advantage-accelerating market access, strengthening customer trust, and supporting Proofpoint's expansion into highly regulated environments. As the global leader for GRC, you will drive enterprise-wide visibility into risk and compliance posture, aligning security, engineering, legal, and go-to-market teams around a unified framework that supports innovation in cloud, data security, and AI-driven products.

Responsibilities

Strategic Leadership & Trust Ownership

Define and execute Proofpoint's global GRC and trust strategy, aligned with business growth, product innovation, and market expansion.

Serve as the global functional head of GRC , with end-to-end accountability for governance, risk management, compliance, and security assurance.

Position compliance as a business enabler , directly supporting revenue growth, customer acquisition, and entry into regulated markets.

Establish a unified control framework that scales across products, cloud platforms, and geographies while reducing audit friction and duplication.

Market Access & Regulatory Strategy

Lead compliance strategy supporting expansion into U.S. public sector and defense markets , including FedRAMP (Moderate/High) and CMMC Level 2 .

Enable international growth through alignment with regional frameworks (e.g., IRAP, ISMAP, ENS, BSI C5, TISAX, ACN).

Partner with go-to-market teams to leverage certifications and regulatory posture as a competitive differentiator in customer engagements .

Act as a strategic advisor on regulatory requirements impacting product strategy, cloud deployments, and data residency.

Global Compliance & Certification Programs

Own end-to-end delivery of global audits, certifications, and regulatory engagements.

Ensure successful execution and continuous maturity across key frameworks: ISO 27001 / ISO 42001

SOC 2 Type II

FedRAMP (Moderate/High)

CMMC Level 2

PCI DSS

Regional frameworks (IRAP, ISMAP, ENS, BSI C5, TISAX, ACN, etc.)

Drive continuous compliance through automation, control optimization, and integration into engineering and operational workflows.

Embed compliance requirements into product and cloud architecture in partnership with Engineering and Product teams.

Risk Management & Governance

Own and mature enterprise risk management (ERM), including risk identification, quantification, prioritization, and executive reporting.

Establish governance structures that provide clear accountability and real-time visibility into enterprise risk posture.

Align risk appetite with business objectives in partnership with executive leadership.

Oversee third-party risk management and supply chain security programs.

Operational Excellence & Assurance

Define KPIs and metrics to measure GRC program effectiveness, control maturity, and business impact.

Drive audit readiness, control effectiveness, and enterprise-wide remediation programs.

Enhance GRC tooling, automation, and data visibility to support scalable, efficient compliance

Senior Director, Global Head of GRC

About the role

Responsibilities

Benefits

Your Match

Company Intel

What employees say

Interested in this role?