GRC Leader

About GoodLeap :

GoodLeap is a technology company delivering best-in-class financing and software products for sustainable solutions, from solar panels and batteries to energy-efficient HVAC, heat pumps, roofing, windows, and more. Over 1 million homeowners have benefited from our simple, fast, and frictionless technology that makes the adoption of these products more affordable, accessible, and easier to understand. Thousands of professionals deploying home efficiency and solar solutions rely on GoodLeap's proprietary, AI-powered applications and developer tools to drive more transparent customer communication, deeper business intelligence, and streamlined payment and operations. Our platform has led to more than $27 billion in financing for sustainable solutions since 2018.

GoodLeap is also proud to support our award-winning nonprofit, GivePower, which is building and deploying life-saving water and clean electricity systems, changing the lives of more than 1.6 million people across Africa, Asia, and South America.

Position Summary

The GoodLeap security team is responsible for both business enablement and safeguarding the organization's information assets; it is involved in virtually all aspects of the business, from product safety and resilience, to building security paved roads, customer, partner, and regulatory trust, managing technology governance and compliance, and ensuring the privacy, and safety of GoodLeap's customers, partners, and employees' information.

As the lead for the GRC (Governance, Risk, and Compliance) team, this is a great opportunity to shape the security vision for compliance, governance, and privacy for the organization and drive innovation throughout relevant processes, technology solutions, and people. You will work with interesting and challenging use cases, technologies, and processes, define and implement predictive compliance controls, drive automation / efficiencies in privacy processes, 3rd party risk management, and regulatory, industry, and partner compliance activities. You will wear many hats, from advisor to doer, and everything in-between.

Essential Job Duties & Responsibilities

• Execute, maintain and improve the technology governance and complianceprogram, with a focus on automation, control right-sizing, and proactive compliance monitoring / enforcement, e.g., lead, rather than lag compliance controls.
• Own compliance processes for cyber security and privacy (e.g., SOC2, CCRA, GDPR, ISO27001, SOX-404) and drive compliance activities, such as SOC2 control operations and testing, 3rd party risk assessments, etc.
• Partner with the finance and audit team to define and implement effective, yet practical ITGCs for in-scope environments.
• Lead and / or coordinate partner and internal / external audits across all functional areas / GoodLeap business units.
• Partner with the legal team to implement and streamline privacy processes and controls.
• Build and lead a GRC team.
• Select, implement, and manage GRC solutions for the organization.

Required Skills, Knowledge & Abilities

In addition to the above salary, this role may be eligible for a bonus and equity.

Additional Information Regarding Job Duties and Job Descriptions :

Job duties include additional responsibilities as assigned by one's supervisor or other managers related to the position / department. This job description is meant to describe the general nature and level of work being performed; it is not intended to be construed as an exhaustive list of all responsibilities, duties and other skills required for the position. The Company reserves the right at any time with or without notice to alter or change job responsibilities, reassign or transfer job position or assign additional job responsibilities, subject to applicable law. The Company shall provide reasonable accommodations of known disabilities to enable a qualified applicant or employee to apply for employment, perform the essential functions of the job, or enjoy the benefits and privileges of employment as required by the law.

If you are an extraordinary professional who thrives in a collaborative work culture and values a rewarding career, then we want to work with you! Apply today!

PI261985498