This role requires candidates who are currently authorized to work in the U.S. without sponsorship, and C2C arrangements are not accepted. This role is remote but requires occasional on-site visits in Irvine, CA each month.
Overview
We are seeking an experienced Governance, Risk, and Compliance (GRC) Specialist to support enterprise-level data governance, compliance, and risk initiatives. This role is highly execution-focused, with primary responsibility for implementing Records Retention and Data Classification / Obfuscation programs within large, complex organizations.
The ideal candidate brings hands-on experience delivering governance frameworks, building workflows in GRC platforms, partnering with PMOs and database teams, and operationalizing compliance through dashboards, monitoring, and audit processes.
Key Responsibilities
Records Retention & Data Governance
Lead and support enterprise records retention operational planning in partnership with project management teams
Design and implement a records retention framework aligned to regulatory and business requirements
Build and maintain records retention workflows within GRC platforms (e.g., Collibra or similar tools)
Develop business user guides and documentation for records retention processes
Propose and maintain standardized records retention update and approval processes
Conduct periodic records retention audits to ensure compliance
Design and deliver compliance monitoring dashboards, alerts, and reporting
Partner with database and technical teams on governance tooling selection and implementation
Data Classification, Obfuscation & Compliance
Design and formalize data classification, masking, and obfuscation frameworks
Build and manage data classification workflows within GRC platforms
Lead quarterly data classification reviews and governance checkpoints
Define and execute data obfuscation strategies, including compliance validation and monitoring
Support recurring obfuscation activities and related testing efforts
Develop dashboards, alerts, and automated monitoring processes for ongoing compliance
Collaborate with DBAs and engineering teams on tool selection and implementation
Regulatory & Framework Expertise
Strong working knowledge of common governance and compliance frameworks, including:
NIST CSF
ISO 27001
SOC 2
GDPR
HIPAA
PCI DSS
SOX
Risk, Audit & Monitoring
Conduct risk assessments and identify control gaps
Support third-party risk management (TPRM) and business continuity initiatives
Design and execute internal audits
Support external audit activities and evidence collection
Build scalable compliance monitoring and reporting mechanisms
GRC Platforms & Technology
Experience using governance and compliance platforms and data tools such as:
Collibra
Delphix
Snowflake
Cloud platforms (e.g., AWS or similar)
Familiarity with emerging governance areas, including AI governance, cloud security, and automation
Required Skills & Attributes
Technical & Analytical Skills
Strong analytical thinking with the ability to translate regulatory requirements into operational solutions
Experience building workflows, dashboards, and monitoring processes
Ability to work cross-functionally with PMO, legal, compliance, security, and technical teams
Communication & Professional Skills
Clear, effective communication with both technical and non-technical stakeholders
Ability to create executive-level documentation, user guides, and process artifacts
Strong ethical standards and attention to detail
Adaptability to evolving regulatory and technology landscapes
Education & Certifications
Education
Bachelor's degree in Business, Information Technology, Finance, Law, or a related field
Preferred Certifications
CISA
CRISC
CGRC
CISSP
CISM
Ideal Background
Experience delivering enterprise-scale data governance and compliance implementations
Proven success executing programs rather than only advising or designing
Background working in regulated environments with complex data ecosystems

GRC Specialist
RecruiterPerry, Irvine, CA, USA
Job type: Full Time