VirgilHire With Rapha

Head of Governance, Risk & Compliance (GRC)

Remotefull-time$200K+

Benefits

Competitive payDesk setupUnlimited PTO401K matchGym StipendLearning StipendPaid Parental LeaveMacBook Pro + AccessoriesHealth Coverage

About company

Virgil is the fractional law firm that's reimagining legal services for startups. At Virgil, we know that running a startup comes with a mountain of back-office headaches—compliance, contracts, bookkeeping, intellectual property, and more. That's where we come in. Think of us as your painkiller, taking the sting out of legal complexities so you can focus on what really matters—growing your business. Our team of top-tier attorneys is on standby to provide you with the tailored legal support you need, when you need it, without the overhead of a full-time legal department. Say goodbye to legal stress and hello to seamless, startup-friendly solutions with Virgil at your side.

About the role

We are seeking an experienced Head of GRC to join Virgil. In this role, you will be responsible for the development and implementation of our organization's governance, risk management, and compliance programs, supporting both corporate operations and client services. This role involves establishing policies and procedures to ensure regulatory compliance, identifying and mitigating risks, and overseeing internal audits. You will work closely with senior leadership to integrate GRC strategies into the overall business plan, ensuring both corporate and client-facing aspects are addressed. Bonus points if you managed one of the following frameworks for audit readiness: SOC2, ISO, HIPAA, PCI, GDPR, or CCPA.

Ideally, you have 5+ years of experience in governance, risk management, and compliance roles, with a strong background in developing and implementing GRC programs for software companies. You may have held senior positions such as GRC Senior Manager or Director and are now seeking a leadership role that offers the opportunity to influence both corporate governance and client engagements. You may also have performed audits in the past and helped organization achieve certification and/or ongoing GRC needs.