Post-Sales GRC SME

At Vanta, our mission is to help businesses earn and prove trust. We believe that security should be monitored and verified continuously, and we empower companies to practice better security and prove it with ease. Vanta has a kind and talented team, and while some have prior security experience, many have been successful at Vanta without it. 

Vanta is growing quickly and we're continually moving upmarket, dealing with sophisticated customers with complex security and compliance environments and needs. Our Security team uses our own Security and Privacy GRC experience to meet customer demand to help grow our market share as the industry leader in compliance and security.

As a Post-Sales Subject Matter Expert, GRC at Vanta, you will be a highly visible, customer-facing leader within Vanta’s Security team, responsible for representing Vanta’s Trust Management Platform to customers, providing hands-on guidance during onboarding and implementation of their existing GRC program, and collaborating with product teams to help drive and implement new features in the product.

If this sounds like you, and you're excited to use your Security and GRC experience to help grow and sell our product, we'd love to hear from you.

What you’ll do as a Post-Sales GRC Subject Matter Expert (SME) at Vanta:

• Partner with the Vanta's Sales and Customer Success teams to represent Vanta’s Trust Management Platform to prospects and customers

• Facilitate onboarding and implementation of Vanta for new customers

• Engage with executives and sr. staff at prospect and customer organizations to establish relationships with customer's Security and Compliance points of contact

• Become an expert on the security features available for customers to deploy within Vanta, including best practices for implementation

• Use your expert knowledge of compliance frameworks like SOC 2 and ISO 27001 to advise customers regarding questions about scoping, policy creation, detailed control requirements and security best practices

• Collaborate with Vanta’s EPD (Product) team to improve processes and enable faster and more seamless experiences for our customers

• Identify requirements that would enable additional customer use cases and drive implementation of customer requirements with relevant stakeholders

• Provide input and feedback on the development of security and GRC product features for Vanta’s customers

• Answer questions for internal and external stakeholders about security and compliance

How to be successful in this role:

• Deep understanding of security, privacy, and AI governance frameworks (SOC 2, ISO 27001, ISO 42001, HITRUST, HIPAA, GDPR, NIST AI RMF, etc.) including experience either auditing, or participating in a cybersecurity audit

• The ability to perform control mapping exercises for net-new frameworks, including policies to controls, risks to controls, etc.

• Problem-solving skills in a fast-paced environment

• Passion for leveraging AI and automation to advance GRC and risk management maturity

• Ability to translate complex compliance requirements into actionable technical guidance for SaaS environments

• Familiarity with cloud infrastructure, version control systems, risk management, vulnerability management, and their related security processes

• Experience in building productive relationships and driving collaboration with both technical and non-technical teams

• Knowledge of the cybersecurity audit process

• Security compliance management experience within a SaaS environment preferred, but not required

• Sales Engineering or Technical Support experience preferred, but not required

• Industry certifications (e.g. CISA, CISSP, CISM, CIPP/E) and/or formal education preferred, but not required

• Open to using