Director, GRC, Privacy, & Trust
1PasswordPosted 3/12/2025
Director, GRC, Privacy, & Trust
1Password
Job Location
Salary Range
242k - 350k USD / YEAR
Job Summary
1Password is seeking an experienced security leader to grow and mature the Governance, Risk, Compliance (GRC), Privacy, & Trust function. The ideal candidate will lead and expand a high-performing team, mature processes, communicate with different segments of the company, and ensure customer trust. This role involves managing individual contributors, leading cross-functional programs, and partnering on customer contracts. The successful applicant will have 8+ years of experience in GRC and privacy programs, including international audits, risk management frameworks, and privacy regulations. They should also possess exceptional written and verbal communication skills and hands-on experience with various information security and privacy compliance frameworks.
Job Description
About 1Password:
We all have important information we need to manage, and protecting it should be easy. Over 150,000 businesses and millions of people log in to 1Password to unlock smart, simple access to everything they care about. Our vision is to create a safer, simpler digital future for everyone, and our culture values simplicity, honesty and a human-centric approach to solving problems. Come help us unlock peace of mind so everyone can stay safer online.
Here at 1Password we are deeply committed to customer privacy and security. The Security Team is passionate about our role in that mission and the ideal candidate for this role will share our excitement.
We’re looking for an experienced security leader to grow and mature the Governance, Risk, Compliance (GRC), Privacy, & Trust function here at 1Password. You will be responsible for audit and compliance, risk management, security governance, privacy engineering, privacy policy & reviews, and growing customer trust. You will lead and expand a high performing team, mature processes, communicate to different segments of the company, and ensure we continue to uphold the trust our customers have placed in us. As a member of the security leadership team, you will also partner with other leaders across security and the company to drive great security outcomes for our customers.
You will report directly to the VP, Security / CISO.
This is a Remote opportunity within Canada and the US.
What we're looking for:
- Experience: 8+ years leading GRC and privacy programs, including experience with international audits, risk management frameworks, and privacy regulations
- 5+ years experience managing individual contributors as well as experience managing other managers.
- Proven expertise in policy development, risk assessment, compliance monitoring, and privacy program management
- Passion for fostering psychological safety and stability in complex compliance environments.
- Hands-on experience with various information security and privacy compliance frameworks such as SOC 2 Type II, ISO 27001, FedRAMP, CMMC, GDPR, and CPRA.
- Experience with security and privacy automation tools for compliance monitoring and knowledge management
- Experience leading company-wide compliance initiatives, securing buy-in for security and privacy policies, and leading cross functional programs.
- Experience partnering on customer contracts, including security addendums and compliance terms, balancing customer expectations and business needs.
- Exceptional written and verbal communication skills with ability to communicate effectively with executives, legal counsel, and stakeholders.
- Experience managing third-party risk, vendor assessments, and external auditors
Key Responsibilities:
- Lead and mentor the GRC and Privacy Engineering team, fostering career growth and high performance
- Drive the organization's risk management strategy and oversee the implementation of risk assessment frameworks
- Develop and maintain information security and privacy policies, ensuring regular reviews and updates
- Establish strong partnerships across departments to align on security and compliance initiatives
- Engaging with customers, in partnership with Sales and Legal, to represent security in RFPs, due diligence, and security assessments.
- Oversee 1Password’s various information security and privacy certification processes ensuring compliance with relevant frameworks and regulations.
- Monitor and report on compliance metrics and program effectiveness
- Partner with legal and security teams to assess and mitigate business, technical, and regulatory risks
- Oversee relationships with external auditors and consultants
What you can expect:
- Impactful Work: Play a pivotal role in growing 1Password's governance, risk, compliance, and privacy programs
- Innovative Culture: Join a team that values creativity, innovation, and an entrepreneurial spirit
- Career Growth: Access ample opportunities for professional development and leadership growth in a rapidly expanding sector
USA-based roles only: The Annual base salary for this role is between $258,000 USD and $350,000 USD, plus immediate participation in 1Password's benefits program (health, dental, 401k and many others), utilization of our generous paid time off, an equity grant and, where applicable, participation in our incentive programs.
Canada-based roles only: The Annual base salary for this role is between $242,000 CAD and $328,000 CAD, plus immediate participation in 1Password’s generous benefits program (health, dental, RRSP and many others), utilization of our generous paid time off, an equity grant and, where applicable, participation in our incentive programs.
At 1Password, we approach each individual's compensation with a promise of fair market value and internal equity commensurate with experience and specific skill set.
We believe in the power of remote work, but we also recognize that in-person connection is sometimes important to help us achieve our mission. While we are a remote-first company, occasional travel for in-person engagement will be a part of this role. Frequency will depend on role and responsibilities, and may include, but is not limited to, annual department-wide offsites, team meetings, and customer/industry events. These events will typically be held in varying locations across Canada and the US.
What we offer:
We believe in working hard, and resting hard. We’re always looking for new ways to support our team members, but here’s a glance at what we currently offer:
Health and wellbeing
> 👶 Maternity and parental leave top-up programs
> 👟 Wellness spending allowance
> 🏝 Generous PTO policy
> 💖 Company-wide wellness days off scheduled throughout the year
> 🧠 Wellness Coach membership
> 🩺 Comprehensive health coverage
Growth and future
> 📈 Company equity for all full-time employees
> 💸 Retirement matching program
> 💡 Training budget, 1Password University access, and learning sessions
> 🔑 Free 1Password account (and friends and family discount!)
Flexibility and community
> 🤝 Paid volunteer days
> 🌎 Employee-led DEIB programs and ERGs and ECGs
> 🏠 Fully remote environment
> 🏆 Peer-to-peer recognition through Bonusly
You belong here.
1Password is proud to be an equal opportunity employer. We are committed to fostering an inclusive, diverse and equitable workplace that is built on trust, support and respect. We welcome all individuals and do not discriminate on the basis of gender identity and expression, race, ethnicity, disability, sexual orientation, colour, religion, creed, gender, national origin, age, marital status, pregnancy, sex, citizenship, education, languages spoken or veteran status. Be yourself, find your people and share the things you love.
Accommodation is available upon request at any point during our recruitment process. If you require an accommodation, please speak to your talent acquisition partner or email us at [email protected] and we’ll work to meet your needs.
Remote work is a part of our DNA. Given that our company was founded remotely in 2005, we can safely say we're experts at building remote culture. That said, remote work at 1Password does mean working from your home country. If you've got questions or concerns about this, your talent partner would be happy to address them with you.
Successful applicants will be required to complete a background check that may consist of prior employment verification, reference checks, education confirmation, criminal background, publicly available social media, credit history, or other information, as permitted by local law.
1Password uses an automated employment decision tool as a part of the recruitment process. See the latest bias audit information. A reasonable accommodation, reasonable alternative selection process, appeal or to exercise your right to opt-out of AADM may be requested by emailing [email protected] with subject "AI accommodation request". For additional information see our Candidate Privacy Notice.
