Senior Governance, Risk & Compliance Expert
Description -
Job Summary
We are seeking a highly experienced Governance, Risk & Compliance Expert to join our global tech team. In this senior role (with ~8+ years of GRC experience), you will lead and enhance our enterprise GRC programs, ensuring effective risk management, compliance with security frameworks, and continuous improvement of policies and processes. The ideal candidate has hands-on expertise with GRC tools (such as RSA Archer, Navex IRM, MetricStream, etc.), a strong technical background (bonus: experience with AI/ML technologies and the ability to develop AI-driven solutions), and excellent soft skills including critical thinking and the ability to communicate risk insights to senior leadership.
Key Responsibilities
- Risk Management & Compliance: Develop and maintain risk registers and ensure compliance with relevant cybersecurity frameworks (e.g., NIST CSF, ISO 27001).
- GRC Tool Implementation: Configure and manage GRC platforms (such as RSA Archer, Navex, MetricStream, or similar) to automate workflows and reporting. Ensure these tools are optimally used for tracking compliance activities, risk assessments, and audit findings.
- Process Flow Development: Design and document end-to-end GRC process flows and workflows, translating compliance requirements into actionable processes. Take a hands-on role in optimizing and re-engineering processes for efficiency and effectiveness, rather than only overseeing them.
- Cross-Functional Collaboration: Work closely with IT, Security, Legal, and business teams to integrate GRC practices into all operations.
- Reporting & Leadership Communication: Prepare comprehensive risk and compliance reports. Present findings, metrics, and recommendations to senior management and executive stakeholders, articulating complex issues in a clear, structured manner.
- Continuous Improvement & Innovation: Stay abreast of emerging technologies (including AI/ML) and best practices in GRC. Proactively recommend and implement enhancements to the GRC program, such as using AI-driven tools for threat detection or compliance automation, to improve effectiveness and efficiency.
Qualifications & Experience (Required)
- Experience: Approximately 8-10+ years of progressive experience in governance, risk, and compliance roles, preferably in a tech environment, with a strong track record in risk management, compliance oversight, and information security.
- Technical Skills: Proven expertise in administering and configuring GRC tools/platforms (e.g., Archer, Navex IRM, MetricStream, ServiceNow GRC) to support enterprise compliance and risk programs. Solid understanding of IT systems and controls; able to assess and implement technical controls aligned with security frameworks.
- Framework Knowledge: In-depth knowledge of industry standards and cybersecurity frameworks such as NIST CSF, ISO 27001, SOC 2, and related regulations or best practices. Ability to translate framework requirements into internal controls and processes.
- Soft Skills: Excellent analytical and critical thinking abilities. Strong communication and interpersonal skills, with experience presenting risk and compliance updates to senior leadership in a clear and impactful way. Proven ability to work both independently and collaboratively to solve complex, unstructured problems. Quick learner who adapts to new tools and evolving regulatory environments.
- Education: Bachelor’s degree in Computer Science, Information Security, Information Technology, or a related field. (Equivalent work experience or demonstrated competence is also acceptable.)
The base pay range for this role is $105,050 to $161,800 annually with additional opportunities for pay in the form of bonus and/or equity (applies to US candidates only). Pay varies by work location, job-related knowledge, skills, and experience.
Benefits:
HP offers a comprehensive benefits package for this position, including:
- Health insurance
- Dental insurance
- Vision insurance
- Long term/short term disability insurance
- Employee assistance program
- Flexible spending account
- Life insurance
- Generous time off policies, including:
  - 4-12 weeks fully paid parental leave based on tenure
  - 13 paid holidays
  - 15 days paid time off (US benefits overview)
The compensation and benefits information is accurate as of the date of this posting. The Company reserves the right to modify this information at any time, with or without notice, subject to applicable law.
Job -
Data & Information Technology
Schedule -
Full time
Shift -
No shift premium (United States of America)
Travel -
Relocation -
Equal Opportunity Employer (EEO) -
HP, Inc. provides equal employment opportunity to all employees and prospective employees, without regard to race, color, religion, sex, national origin, ancestry, citizenship, sexual orientation, age, disability, or status as a protected veteran, marital status, familial status, physical or mental disability, medical condition, pregnancy, genetic predisposition or carrier status, uniformed service status, political affiliation or any other characteristic protected by applicable national, federal, state, and local law(s).
Please be assured that you will not be subject to any adverse treatment if you choose to disclose the information requested. This information is provided voluntarily. The information obtained will be kept in strict confidence.
For more information, review HP’s EEO Policy or read about your rights as an applicant under the law here: “Know Your Rights: Workplace Discrimination is Illegal”