Why This Job is Featured on The SaaS Jobs
Trust has become a product differentiator in SaaS, particularly for platforms selling into regulated industries and larger enterprises. A Director of Governance, Risk & Compliance role like this sits at the intersection of customer expectations, cloud delivery, and formal assurance—owning the certifications and evidence that increasingly determine whether a SaaS vendor can enter or expand within security-conscious markets.
From a SaaS career standpoint, the scope signals broad exposure to how modern companies operationalise security: unifying control frameworks across multiple standards, automating compliance work, and translating technical realities into audit-ready narratives. Experience spanning customer questionnaires, third‑party risk, contract reviews, and cloud security tends to travel well across SaaS businesses because it maps directly to recurring revenue motions where renewals and expansion depend on ongoing trust.
This role is best suited to a senior GRC professional who prefers hands-on ownership over purely advisory work, and who enjoys building repeatable programs rather than maintaining static policies. It will fit someone comfortable partnering across security, legal, and commercial stakeholders, and who wants to be measured on practical outcomes like audit readiness, control effectiveness, and reduced friction in customer due diligence.
The section above is editorial commentary from The SaaS Jobs, provided to help SaaS professionals understand the role in a broader industry context.
Job Description
As a leader of trust operations, you’ll play a key role in ensuring trust and security are core to our product. This will be a hands-on position as we mature our security team and you will be responsible for improving and automating our compliance program.
RESPONSIBILITIES
- Manage the certification program (ISO, PCI, SOC2, HIPAA, etc.)
- Ensure compliance with applicable controls based on a unified control framework
- Manage customer audits and questionnaires
- Cloud security
- Security awareness training
- Contract reviews
- Third-party risk management
QUALIFICATIONS
- 12+ years of compliance experience
- Building a compliance program in a cloud environment
- In-depth knowledge of control frameworks
- Ability to be hands-on
- Familiarity with attack frameworks and mitigation
- Experience managing customer audits is a plus
- Privacy experience is a plus
PERKS & BENEFITS
- We offer Gongsters a variety of medical, dental, and vision plans, designed to fit you and your family’s needs.
- Wellbeing Fund - flexible wellness stipend to support a healthy lifestyle.
- Mental Health benefits with covered therapy and coaching.
- 401(k) program to help you invest in your future.
- Education & learning stipend for personal growth and development.
- Flexible vacation time to promote a healthy work-life blend.
- Paid parental leave to support you and your family.
- Company-wide recharge days each quarter.
- Work from home stipend to help you succeed in a remote environment.
The annual salary hiring range for this position is $185,000 - $275,000 USD.
Compensation is based on factors unique to each candidate, including, but not limited to, job-related skills, qualification, education, experience, and location. At Gong, we have a location-based compensation structure, which means there may be a different range for candidates in other locations. The total compensation package for this position, in addition to base compensation, may include incentive compensation, bonus, equity, and benefits. Some of our sales compensation programs also offer the potential to achieve above targeted earnings for those who exceed their sales targets.
We are always looking for outstanding Gongsters! So if this sounds like something that interests you regardless of compensation, please reach out. We may have more roles for you to consider and would love to connect.
We have noticed a rise in recruiting impersonations across the industry, where scammers attempt to access candidates' personal and financial information through fake interviews and offers. All Gong recruiting email communications will always come from the @gong.io domain. Any outreach claiming to be from Gong via other sources should be ignored.
Gong is an equal-opportunity employer. We believe that diversity is integral to our success, and do not discriminate based on race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, military status, genetic information, or any other basis protected by applicable law.
To review Gong's privacy policy, visit https://www.gong.io/gong-io-job-candidates-privacy-notice/ for more details.