Symmetry is seeking a Security, Governance, Risk & Compliance professional to serve as the internal expert and owner of our risk, compliance, and governance initiatives. This person will guide the company from foundational Governance, Risk & Compliance (GRC) maturity through to steady-state operations, ensuring ongoing compliance with SOC 2 Type 2 and related frameworks, while embedding security-minded practices throughout Symmetry. This is a cross-functional role with key touchpoints in every department. Responsibilities include developing, maintaining, and ensuring adherence to security and compliance SOPs, internal documentation, and company-wide policies; owning and managing trust management platforms such as Vanta; collaborating with Legal, Enterprise Applications, and Gusto counterparts to establish and maintain data governance policies; conducting ongoing internal risk assessments; managing the third-party vendor risk program; leading interactions with external auditors and regulatory bodies; staying current on relevant compliance frameworks, laws, and regulations; and partnering cross-functionally to implement scalable GRC processes and foster GRC understanding through employee enablement programs and KPI-driven insights. The role requires 3–5+ years of experience in governance, risk, and compliance within SaaS, ideally in HCM, payroll, or fintech sectors, a Bachelor’s degree in Business, Information Systems, or related field, strong understanding of SaaS business models, proven experience leading or supporting SOC 2 Type 2 compliance initiatives, familiarity with compliance tools such as Vanta, Drata, or Viso Trust, excellent communication skills, a data-informed mindset, and relevant professional certifications such as CISA, CRISC, or GRCP preferred.
