Senior Governance, Risk & Compliance Specialist - Remote

About the Role

We are seeking a Senior Governance, Risk & Compliance Specialist to join our team at Mark43. This remote role is crucial for enhancing our global compliance program, ensuring that we maintain our ISO 27001 certification and drive HIPAA compliance initiatives. You will work closely with cross-functional teams in the UK and US, making this an exciting opportunity to impact our mission of empowering communities through innovative technology.

What You'll Do

• Develop, implement, and continuously improve security policies, procedures, and standards to ensure compliance with ISO 27001, HIPAA, GDPR, and other applicable frameworks.
• Maintain and enhance our ISO 27001 certification, including control oversight, evidence collection, internal audits, and external audit support.
• Lead HIPAA readiness and compliance initiatives, translating regulatory requirements into practical, scalable controls.
• Conduct risk assessments, identify potential risks, and develop mitigation strategies in partnership with Engineering, Product, IT, and Legal teams.
• Manage control maturity initiatives and drive continuous process improvement across GRC activities.
• Respond to security questionnaires, customer due diligence requests, and third-party audits with clarity and efficiency.
• Deliver training and awareness initiatives that strengthen understanding of security and compliance responsibilities across the organization.
• Serve as a subject matter expert in Information Security, effectively communicating with both technical and non-technical audiences.

Requirements

• Five to eight years of experience in a GRC role within a SaaS or technology environment operating in regulated industries.
• Hands-on experience maintaining ISO 27001 certification, including ownership of control operation, internal audit coordination, and corrective actions.
• Direct experience supporting or leading HIPAA compliance initiatives, including translating regulatory requirements into operational controls.
• Strong working knowledge of operating within an ISO aligned Information Security Management System.
• Ability to independently facilitate audits, risk assessments, and compliance initiatives, managing timelines, stakeholders, and follow-ups with minimal oversight.
• Strong communication skills, with the ability to translate complex regulatory and audit requirements into clear, actionable guidance.
• Relevant certifications such as ISO 27001 Lead Auditor, CISA, CISM, CRISC, or similar are a plus.

Nice to Have

• Experience working cross-functionally with Engineering, IT, Security, Legal, and Operations teams.
• Familiarity with GDPR and other international compliance frameworks.
• Experience in delivering training and awareness programs.

What We Offer

• Competitive salary with an estimated range of $90,000 to $130,000 annually.
• Flexible remote work environment.
• Opportunities for professional development and growth.
• A diverse and inclusive workplace culture.
• Comprehensive benefits package including health insurance and retirement plans.