logo inner

Governance, Risk & Compliance Lead

WhatnotSan Francisco, California, United States | Los Angeles, California, United States | New York, New York, United States | Phoenix, Arizona, United States | Seattle, Washington, United States | Denver, Colorado, United StatesOnsite
This job is no longer open

šŸš€ Whatnot


Whatnot is a livestream shopping platform and marketplace backed by Andreessen Horowitz, Y Combinator, and CapitalG. Weā€™re building the future of ecommerce, bringing together community, shopping and entertainment. We are committed to our values, and as a remote-first team, we operate out of hubs within the US, Canada, UK, Ireland, and Germany today.Weā€™re innovating in the fast-paced world of live auctions in categories including sports, fashion, video games, and streetwear. The platform couples rigorous seller vetting with a focus on community to create a welcoming space for buyers and sellers to share their passions with others.And, weā€™re growing.

Whatnot has been the fastest growing marketplace in the US over the past two years and weā€™re hiring forward-thinking problem solvers across all functional areas.

šŸ’» Role


  • The successful candidate will be responsible for developing and managing a comprehensive security governance, risk, and compliance program.
  • Evaluate existing security policies and procedures and recommend improvements.
  • Ensure compliance with security standards, such as ISO 27001, NIST 800-53, PCI and GDPR/ CCPA.
  • Create and maintain security awareness and training programs.
  • Conduct security risk assessments and develop risk mitigation plans.
  • Own security program reporting, metrics and dashboards for presentations to senior level leadership in the areas of security governance, risk management, security awareness, and third-party risk management.

šŸ‘‹ You


Curious about who thrives at Whatnot? Weā€™ve found that low ego, a growth mindset, and leaning into action and high impact goes a long way here.As our GRC Lead you should have a minimum of 8+ years of relevant experience in security governance, risk, and compliance, preferably in a large enterprise environment, plus:

  • A Bachelorā€™s degree in Computer Science, Information Security, or a related field.
  • Deep knowledge of security best practices and industry standards, such as ISO 27001, SOC-2, NIST 800-53, PCI and GDPR/ CCPA.
  • Experience in supporting complex third party audit projects in a cloud centric environment, with a strong aptitude to understand emerging technologies to assure regulatory and compliance requirements are met.
  • Excellent written communication skills with the ability to document, communicate, and report security assessments as well as the status of the implementation and effectiveness of cybersecurity controls with product and business leaders.

šŸ’°Compensation


For US-based applicants:$230,000/year to $310,000/year + benefits + stock optionsThe salary range may be inclusive of several levels that would be applicable to the position. Final salary will be based on a number of factors including, level, relevant prior experience, skills and expertise. This range is only inclusive of base salary, not benefits (more details below) or equity in the form of stock options.

šŸŽ Benefits


  • Flexible Time off Policy and Company-wide Holidays (including a spring and winter break)
  • Health Insurance options including Medical, Dental, Vision
  • Work From Home Support
  • $1,000 home office setup allowance
  • $150 monthly allowance for cell phone and internet
  • Care benefits
  • $450 monthly allowance on food
  • $500 monthly allowance for wellness
  • $5,000 annual allowance towards Childcare
  • $20,000 lifetime benefit for family planning, such as adoption or fertility expenses
  • Retirement; 401k offering for Traditional and Roth accounts in the US (employer match up to 4% of base salary) and Pension plans internationally
  • Parental Leave
  • 16 weeks of paid parental leave + one month gradual return to work *company leave allowances run concurrently with country leave requirements which take precedence.

šŸ’› EOE


Whatnot is proud to be an Equal Opportunity Employer. We value diversity, and we do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, parental status, disability status, or any other status protected by local law. We believe that our work is better and our company culture is improved when we encourage, support, and respect the different skills and experiences represented within our workforce.

This job is no longer open

Life at Whatnot

Whatnot: Buy, Sell & Go Live
Thrive Here & What We Value* Remotefirst with hubs: US, Canada, UK, Ireland, Germany* Community-focused platform* Fast-paced environment* Live auctions in sports, fashion, video games, streetwear* Equal Opportunity Employer* Diversity and respect for skills & experiences* Forward-thinking problem solvers* Engineering team growth
View more
Your tracker settings

We use cookies and similar methods to recognize visitors and remember their preferences. We also use them to measure ad campaign effectiveness, target ads and analyze site traffic. To learn more about these methods, including how to disable them, view our Cookie Policy or Privacy Policy.

By tapping `Accept`, you consent to the use of these methods by us and third parties. You can always change your tracker preferences by visiting our Cookie Policy.

logo innerThatStartupJob
Discover the best startup and their job positions, all in one place.
Quick SearchSearch JobsSearch Remote Jobs hiring WorldwideSearch Remote Jobs in the USSearch Jobs in IndiaSearch Remote Jobs in UKSearch by Title
AreaCaliforniaMassachusettsNew YorkTexasVirginiaWashington D.C.View all
Popular SubRemote JobsWeb 3.0 JobsiOS Developer JobsFront End Developer Remote JobsJobs in AustinAccount Manager Remote JobsCannabis Careers
CompanyAbout UsContact usBlogCreditsCareersPrivacy PolicyCookie Policy
Copyright Ā© 2024