Compliance Program Manager

Summary

Headquartered in sunny Los Angeles, GrayMatter Robotics is a well-capitalized AI robotics startup serving the manufacturing industry. We empower shop floor workers with our smart robots that assist with tedious and ergonomically challenging tasks, specifically in automated surface finishing. Our proprietary GMR-AI™ software is integrated with state-of-the-art industrial robots, sensors, and tools to create application-specific turnkey solutions for customers through a Robot-as-a-Service (RaaS) model.

We help manufacturers improve the quality of life for their workforce while increasing production capacity and reducing scrap, repair, and rework costs. We are in search of a compliance manager to lead the development of GrayMatter Robotics’ corporate compliance program. Serving both US government and commercial customers, we are looking for a versatile and organized individual with prior compliance and information security experience who can lead the development and management of existing and new compliance policies and procedures. Essential for this cross-functional role is the ability to work with a variety of stakeholders and customers and distill the necessary information to succeed at existing and new contracts and address gaps.

Role & Responsibilities

• Compile, implement, and maintain security policies, Standard Operating Procedures (SOPs), and compliance frameworks for existing and new obligations.

• Ensure adherence to cybersecurity regulations related to export-controlled data, including ITAR, CUI, and EAR.

• Oversee audits and lead certification processes, such as SOC 2, CMMC, and NIST compliance in collaboration with the vCISO.

• Handle InfoSec questions from customers and government contracts’ IT/InfoSec departments to handle their concerns, negotiate on our behalf, help the customer design their networks to be secure for them and for GMR.

• Maintain and implement security policies for enclaves deployed at HQ or on-site at customers and train the team on how to comply.

• Monitor and stay ahead of regulatory changes, updating company policies as needed and developing a regulatory compliance roadmap.

• Collaborate with IT and leadership teams to implement security best practices.

• Conduct internal security assessments and readiness reviews for compliance audits.

• Provide training and guidance on compliance and security best practices across the organization.

Export Control Requirements

In order to comply with the export regulations of the United States Government, it is required that the applicant must be a U.S. citizen or national.

Must meet export control requirements in the United States and maintain ongoing work authorization beginning at the time of hire through the entirety of employment.

Minimum Qualifications

• Bachelor's degree.

• 5+ years of industry experience designing, supporting, and/or managing comprehensive compliance programs and security policy frameworks.

• Experience leading compliance programs and successfully achieving security certifications.

• Deep understanding of US export control regulations (ITAR, EAR).

• Experience working with Directorate for Defense Trade Controls (DDTC) for ITAR licensing.

• Hands-on experience with security standards and frameworks such as ISO 27001, NIST SP800-171, SOC 2, CMMC, Cyber Essentials.

• Proficiency in access control, risk management, and data protection strategies.

• Fluency in networking and encryption technologies and standards, cloud systems (AWS, Azure, on-premise hosting), firewalls, VPNs, VLANs.

• Willingness to work in a fast-paced environment with quickly changing priorities.

• Excellent communication skills, with the ability to present complex information clearly to technical and non-technical stakeholders.

• Strong prioritization skills, a bias for action, and the ability to lead cross-functional efforts.

• Ability to create and enforce policies while effectively communicating with cross-functional teams.

Preferred Qualifications

• Bachelor's or Master’s degree in Information Systems, Computer Science, Information Security, or a related field.

• Experience in managing audit activities, including working with internal and external auditors.

• Knowledge of third-party risk and vendor security assessment.

• Experienced in pre-contract sales calls or enterprise procurement negotiations.

• Relevant certifications such as CISSP, CISM, CISA, CRISC, ISO 27001 Lead Auditor, SOC, ISAE3402.

• Prior experience with enterprise sales processes and procurement security assessments.

GrayMatter Robotics provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training. We celebrate diversity and are committed to creating an inclusive environment for all employees. We encourage and embrace applicants of all backgrounds to apply!

GrayMatter Robotics is committed to providing reasonable accommodations for candidates with disabilities. If you believe you require accommodations during the recruiting process, please contact [email protected] to submit your request.

Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice.

Compensation for this position includes the base salary range of $130,000 - $160,000 USD plus equity. We also provide comprehensive benefits and perks which include but are not limited to medical, dental, vision, unlimited PTO, 401(k) plan + employer match, regular offsite events, a discretionary fund for enhancing productivity and so much more! The range listed on job postings reflect the minimum and maximum new hire salary across levels in Los Angeles, CA.