Groq

Enterprise Risk Manager

Enterprise Risk Manager at Groq. Lead ISMS, ISO 27001/SOC 2/FedRAMP compliance, third-party risk management. 7-10 yrs GRC/security experience, ServiceNow GRC expertise required. Equity + benefits.

Job description

Posted on: October 21, 2025

We are seeking an Enterprise Risk Manager to lead and evolve Groq’s Information Security Risk Management program. This role will own risk lifecycle processes under our Information Security Management System (ISMS), support critical audits and assessments (ISO 27001, SOC 2, FedRAMP), and act as a central point of accountability for both internal and third-party risk identification, evaluation, and remediation.

Requirements

  • 7–10 years of experience in risk management, GRC, security compliance, or vendor trust programs — ideally in fast-scaling or regulated tech environments
  • Strong knowledge of information security frameworks (ISO 27001, NIST 800-53, SOC 2, FedRAMP)
  • Experience managing or improving third-party risk assessments (TPRA), supplier reviews, and contract workflows
  • Ability to guide risk decisions across stakeholders with varied technical depth and business priorities
  • Demonstrated success building or maturing enterprise risk programs and managing risk registers
  • Familiarity with tools like Vanta GRC, ServiceNow GRC, ProcessUnity, Ariba, JIRA, Smartsheet, Confluence, or Tableau
  • Exceptional communication, stakeholder management, and mentoring skills

Benefits

  • Comprehensive compensation package
  • Equity
  • Benefits

Requirements Summary

7-10 years of experience in risk management, GRC, security compliance, or vendor trust programs. Strong knowledge of information security frameworks and experience managing third-party risk assessments.