Security Compliance Lead (GRC)

About Faire

Faire is an online wholesale marketplace built on the belief that the future is local — independent retailers around the globe are doing more revenue than Walmart and Amazon combined, but individually, they are small compared to these massive entities. At Faire, we’re using the power of tech, data, and machine learning to connect this thriving community of entrepreneurs across the globe. Picture your favorite boutique in town — we help them discover the best products from around the world to sell in their stores. With the right tools and insights, we believe that we can level the playing field so that small businesses everywhere can compete with these big box and e-commerce giants.

About The Role

As Faire’s inaugural GRC Lead, you will be responsible for designing, implementing, and scaling our governance, risk, and compliance program from the ground up. This role blends strategic planning with hands‑on execution to establish the frameworks, processes, and controls that strengthen our security, privacy, and compliance posture. You will work closely with teams across engineering, IT, legal, and finance to integrate risk management into everyday operations, ensure alignment with regulatory and industry standards, and support Faire’s evolving business and product needs. In addition to building the core GRC program, you will lead our preparation for SOX ITGC readiness by collaborating with internal partners and external auditors to define scope, document controls, and enhance our audit processes. This role is ideal for someone who enjoys building programs from the ground up, can navigate both technical and compliance challenges, and is eager to shape how Faire manages risk at scale.

What You’ll Do

• Formulate and drive GRC roadmap, policies, vendor security reviews, and employee awareness training.
• Opportunity to expand into the SOX ITGC program.
• Develop and maintain a robust governance framework to support Faire’s strategic objectives and ensure alignment with industry best practices.
• Ensure adherence to applicable laws, regulations, and standards (e.g., CCPA / GDPR).
• Develop and deliver GRC training programs for employees to promote a culture of accountability and awareness.
• Partner with external auditors to achieve security compliance certifications and reports.
• Regularly report on status, operational metrics, and KPIs, providing transparency to company leadership and internal stakeholder teams.
• Drive compliance certifications including ISO 27001, CCPA, GDPR, and SOC 2 Type II.

What It Takes

Salary Range

California : the pay range for this role is $178,000 to $245,000 per year. This role will also be eligible for equity and benefits. Actual base pay will be determined based on permissible factors such as transferable skills, work experience, market demands, and primary work location. The base pay range provided is subject to change and may be modified in the future.

Work Location & Flexibility

Hybrid Faire employees currently go into the office 2 days per week on Tuesdays and Thursdays. Effective starting in January 2026, employees will be expected to go into the office on a third flex day of their choosing (Monday, Wednesday, or Friday). Additionally, hybrid in‑office roles will have the flexibility to work remotely up to 4 weeks per year. Specific Workplace and Information Technology positions may require onsite attendance 5 days per week as will be indicated in the job posting. Applications for this position will be accepted for a minimum of 30 days from the posting date.

Why You’ll Love Working at Faire

Seniority level

Employment type

Job function

EEO & Accessibility

Faire provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability, genetics, sexual orientation, gender identity or gender expression. Faire is committed to providing access, equal opportunity and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. Accommodations are available throughout the recruitment process and applicants with a disability may request to be accommodated throughout the recruitment process. To request reasonable accommodation, please fill out our Accommodation Request Form (https : / / bit.ly / faire-form).

Privacy

For information about the type of personal data Faire collects from applicants, as well as your choices regarding the data collected about you, please visit Faire’s Privacy Notice (https : / / www.faire.com / privacy).

#J-18808-Ljbffr