At a Glance
- Tasks: Lead security initiatives, develop policies, and ensure compliance across the organisation.
- Company: Maisa is revolutionising enterprise AI with reliable Digital Workers for automating knowledge work.
- Benefits: Enjoy a competitive salary, equity participation, and a professional development budget.
- Why this job: Make a direct impact on security while working with cutting-edge technologies in a collaborative environment.
- Qualifications: 3-5 years in security operations, familiarity with compliance frameworks, and strong communication skills required.
- Other info: This role is fully remote, offering flexibility and growth opportunities as the company scales.
The predicted salary is between £48,000 and £84,000 per year.
Operations · Multiple locations · Fully Remote
GRC / Security Lead
About Maisa
At Maisa, we're solving enterprise AI's biggest challenge: trust. We've created the first platform that enables enterprises to build reliable Digital Workers for automating knowledge work without production failures or traditional automation limitations.
We're pioneering Agentic Process Automation for regulated industries. From banking to healthcare, our Digital Workers deliver verified, traceable results that meet the strictest compliance requirements.
Join us in transforming how enterprises work by making AI accountable for mission critical processes, turning Digital Workers into trusted team members, and empowering the people who know the work to finally automate it.
Role Overview
We're looking for a GRC / Security Lead to build and maintain trustworthy, compliant, and secure systems that our customers, partners, and auditors can rely on. This role sits at the critical intersection of technology, legal, and operations, ensuring we can not only build secure products but also prove our security posture to the world.
You'll be responsible for establishing our security foundation from the ground up, implementing compliance frameworks that scale with our growth, and serving as the trusted face of security for our customers and partners. This role reports directly to the COO and will work closely with the leadership team across all areas.
What You'll Do
Governance (G): Policy, Structure & Ownership
- Develop comprehensive security policies covering data classification, access management, vendor management, and incident response
- Create governance frameworks that align the entire organization around security best practices
- Define clear roles and responsibilities for information security processes across all teams
- Ensure organizational alignment through employee onboarding, security awareness training, and comprehensive documentation
Risk Management (R): Identification, Tracking & Mitigation
- Conduct comprehensive risk assessments across infrastructure, vendor relationships, and internal processes
- Own and maintain the enterprise risk register with detailed mitigation plans and timelines
- Execute regular third-party vendor assessments for data security posture (including cloud providers like AWS, AI services like OpenAI APIs, and SaaS tools)
- Implement risk monitoring processes with regular reporting to executive leadership
Compliance (C): Controls, Audits & Evidence
- Lead compliance certification initiatives (SOC 2, ISO 27001, GDPR) and industry-specific requirements
- Maintain auditable evidence through logging, access reviews, vulnerability scanning, and control testing
- Coordinate with external auditors and manage relationships with compliance automation tools (Vanta, Drata, TrustCloud)
- Monitor and update data privacy and security controls across all organizational functions
- Ensure continuous compliance through regular control assessments and gap analysis
Client-Facing Security Support
- Respond to security questionnaires and manage automated response systems to streamline the process
- Serve as primary security contact for RFPs, due diligence processes, and vendor security reviews
- Host security review calls with customers' legal, IT, and procurement departments
- Maintain and update Trust Center content and security documentation for customer transparency
- Support sales enablement through security collateral and competitive positioning
What You Bring
Required Experience
- 3-5 years in security-focused operations, technical program management, or DevOps/Infrastructure
- Deep familiarity with compliance frameworks (SOC 2, ISO 27001, GDPR, HIPAA)
- Experience with cloud security architectures and modern technology stacks
- Proven track record managing multiple concurrent security initiatives
Core Skills
- Strong ability to interpret legal/regulatory requirements and translate them into technical controls
- Exceptional documentation and project management capabilities
- Excellent communication skills for technical teams, executives, and external stakeholders
- Analytical mindset for risk assessment and control effectiveness evaluation
Preferred Qualifications
- Industry certifications (CISSP, CISA, CISM, or equivalent)
- Previous startup or high-growth company experience
- Experience with AI/ML security considerations and data protection
- Background in customer-facing security roles or professional services
What Success Looks Like
First 90 Days:
- Assess current security posture and identify immediate priorities
- Establish foundational security policies and procedures
- Implement compliance automation tools and begin evidence collection
Year 1:
- Achieve SOC 2 Type I certification
- Build streamlined security questionnaire response process
- Establish mature risk management program with executive reporting
- Enable rapid customer security reviews and onboarding
Year 2:
- Achieve SOC 2 Type II certification and additional compliance certifications
- Scale security processes to support significant business growth
- Develop advanced customer security enablement capabilities
- Build security into a competitive advantage
Why You'll Love This Role
- Direct Impact: Build our security program from the ground up and see immediate results
- Customer-Facing: Work directly with customers and partners as the trusted face of security
- Strategic Influence: Report to the COO and influence company-wide security decisions
- Growth Opportunity: Scale with the company and build a security team as we grow
- Cutting-Edge: Work with modern compliance automation tools and emerging security technologies
What we offer
- Competitive salary and meaningful equity participation
- Professional development budget for certifications and training
- Clear growth path with opportunity to build and lead a security team
- Collaborative environment where your expertise directly shapes our success
- Department: Operations
- Locations: Barcelona Remote, Madrid Remote, Spain Remote
- Remote status: Fully Remote
About Maisa
Maisa AI is an innovative Agentic Process Automation (APA) Platform that enables enterprises to create and deploy bulletproof AI Agents ("Digital Workers") for automating knowledge-intensive processes. Our flagship product, Maisa Studio, streamlines the creation, deployment, and continuous improvement of AI Agents while maintaining full auditability and explainability through our unique "Chain of Work" approach.
We're building the future of enterprise automation with a platform that combines deterministic, code-based steps with AI reasoning, providing unprecedented transparency and reliability for mission-critical business processes.
GRC / Security Lead employer: C2i Genomics
Contact Detail:
C2i Genomics Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land GRC / Security Lead
✨Tip Number 1
Familiarise yourself with the specific compliance frameworks mentioned in the job description, such as SOC 2 and ISO 27001. Understanding these frameworks will not only help you in interviews but also demonstrate your commitment to the role.
✨Tip Number 2
Network with professionals in the GRC and security fields, especially those who have experience in AI or tech startups. Engaging with them can provide insights into the role and may even lead to referrals.
✨Tip Number 3
Prepare to discuss your previous experiences with risk management and compliance initiatives. Be ready to share specific examples of how you've successfully implemented security policies or managed vendor assessments.
✨Tip Number 4
Research Maisa's products and their approach to Agentic Process Automation. Being knowledgeable about their offerings will allow you to tailor your discussions and show how your skills align with their mission.
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights relevant experience in security operations, compliance frameworks, and risk management. Use keywords from the job description to demonstrate your fit for the GRC / Security Lead role.
Craft a Compelling Cover Letter: In your cover letter, express your passion for building secure systems and your understanding of the importance of trust in AI. Mention specific experiences that align with the responsibilities outlined in the job description.
Showcase Your Skills: Emphasise your analytical mindset and exceptional documentation skills. Provide examples of how you've successfully managed security initiatives or compliance projects in previous roles.
Prepare for Potential Questions: Anticipate questions related to your experience with compliance frameworks like SOC 2 and ISO 27001. Be ready to discuss how you would approach establishing security policies and managing risk in a growing company.
How to prepare for a job interview at C2i Genomics
✨Understand the Role
Make sure you thoroughly understand the responsibilities of a GRC / Security Lead. Familiarise yourself with compliance frameworks like SOC 2 and ISO 27001, as well as risk management processes. This will help you articulate how your experience aligns with the role.
✨Prepare for Technical Questions
Expect to be asked about your technical knowledge in security operations and cloud security architectures. Brush up on your understanding of data protection measures and be ready to discuss specific tools or frameworks you've used in past roles.
✨Showcase Your Communication Skills
As this role involves client-facing responsibilities, demonstrate your ability to communicate complex security concepts clearly. Prepare examples of how you've successfully interacted with stakeholders, including customers and auditors, in previous positions.
✨Highlight Your Problem-Solving Abilities
Be ready to discuss how you've identified and mitigated risks in past roles. Use specific examples to illustrate your analytical mindset and how you've implemented effective security policies or compliance measures.