Senior GRC Specialist

Remote $140k–$220k senior 5 days ago full-time quality 9/10

Role in brief

Cohere, an AI company, is seeking a Senior GRC Specialist to build and scale compliance programs, focusing on AI governance and public sector requirements. This role involves developing controls, automating processes, and managing projects across various regulatory frameworks. Professionals with substantial experience in compliance, particularly with FedRAMP and ISO 42001, and strong project management skills should consider applying.

compliancerisk managementAI governanceproject managementautomationPython

About the role

This role involves establishing and expanding compliance programs, controls, and processes to meet diverse regulatory standards such as SOC 2, ISO 27001, HIPAA, and ISO 42001. A significant part of the work will focus on preparing for FedRAMP and DoD compliance, as well as addressing broader enterprise and customer-facing obligations. The specialist will work to ensure the company's AI systems adhere to governance frameworks.

The Senior GRC Specialist will collaborate with various internal teams, including Security, Engineering, Modeling, Product, and Legal, to translate regulatory requirements into actionable and scalable controls. A key aspect of the position is enhancing compliance operations through automation, tooling, and streamlined workflows. This includes developing scripts or simple tools for tasks like evidence collection, reporting, and tracking controls.

Success in this position means effectively managing cross-functional projects, adhering to timelines, overseeing remediation efforts, and preparing for audits. The specialist will also be responsible for supporting audits, assessments, and responding to compliance requests from customers or regulatory bodies. The goal is to maintain robust compliance across all company operations, especially within the evolving landscape of AI governance.

The salary for this position ranges from $140,000 to $220,000 USD.

Skills that matter here

  • compliance: This role requires building and scaling compliance programs across multiple regulatory frameworks, including SOC 2, ISO 27001, HIPAA, FedRAMP, and DoD.
  • risk management: The specialist will contribute to managing risks by implementing controls and processes that align with various compliance standards.
  • AI governance: A core responsibility is to support and mature compliance efforts specifically related to AI governance, including work aligned with ISO 42001 and the EU AI Act.
  • project management: The role involves managing cross-functional projects, timelines, remediation efforts, and audit preparation.
  • automation: The specialist will improve compliance operations by designing and implementing automation, tooling, and scalable workflows.
  • Python: Some hands-on experience with Python or similar scripting is beneficial for building lightweight tools for automation tasks like evidence collection and reporting.

Who this role suits

  • A person with at least 7 years of experience in building and scaling compliance programs, especially within highly regulated or public sector environments.
  • Someone who has direct experience with AI governance frameworks like ISO 42001.
  • An individual with strong project management capabilities and a knack for cross-functional execution.
  • A technically fluent professional comfortable collaborating with engineering and security teams, with an interest in using scripting for automation.

From the employer

What You’ll Do

  • Build, implement, and scale compliance programs, controls, and processes across frameworks and regulatory requirements including SOC 2, ISO 27001, HIPAA, ISO 42001, Product Compliance, and FedRAMP/DoD (+others)
  • Support and mature compliance efforts related AI governance including work aligned to ISO 42001 and the EU AI Act
  • Drive compliance readiness for FedRAMP, DoD, and related public sector requirements, while supporting broader enterprise and customer-facing compliance obligations
  • Partner with Security, Engineering, Modeling, Product, Legal, and other cross-functional teams to translate requirements into practical, scalable controls
  • Improve compliance operations through automation, tooling, and scalable workflows
  • Help build scripts or lightweight tools for evidence collection, reporting, control tracking, and audit readiness
  • Manage cross-functional projects, timelines, remediation efforts, and audit preparation
  • Support audits, assessments, and customer or regulatory compliance requests.

What We’re Looking For

You’ll ideally have 7+ years of progressive experience in the following:

  • Building and scaling compliance programs across multiple frameworks and regulatory requirements, including SOC 2, ISO 27001, HIPAA, with extensive experience in FedRAMP, DoD, and public sector or highly regulated environments
  • AI governance and frameworks such as ISO 42001
  • Strong project management and cross-functional execution skills
  • Technical fluency and comfort working with Engineering and Security teams
  • Automation, workflow tooling, or process design; some hands-on experience with Python or similar scripting for lightweight automation is a plus
  • Strong written communication, organization, and attention to detail.

Full-Time Employees at Cohere Enjoy These Perks

  • A weekly lunch stipend of $75/£75 or equivalent in your local currency for lunch.
  • Full health and dental benefits, including a separate budget for mental health.
  • RRSP matching, 401K, Pension Scheme.
  • 100% Parental Leave top-up for up to 6 months, for either parent.
  • Annual enrichment benefits:
  • Arts & culture, fitness/wellness, quality time, and a workspace improvement credit.
  • Education & learning stipend for conferences, courses, and coaching.
  • 6 weeks of paid vacation (30 working days!)
  • Budget for traveling to other offices if you are remote, plus an annual company offsite.

Questions about this role

What is the remote work policy for this role?

This is a fully remote position.

What level of seniority is expected for this position?

This is a senior-level role, requiring 7+ years of progressive experience in relevant areas.

What are the key skills required for this role?

Key skills include compliance, risk management, AI governance, project management, automation, and some experience with Python.

Similar jobs

Before you apply

  • Legitimate employers never ask you to pay anything to apply or get hired.
  • Never share seed phrases or private keys. No real job needs them.
  • Do not install software ("test tasks", "trading tools", "video call clients") sent during hiring.
  • Check that the application page's domain really belongs to Cohere.