Manager of Governance, Risk, and Compliance (GRC)

Salary: $160K - $200K Location Type: On-Site Employment Type: Full-Time

Position Overview

OpenGov is seeking a driven and strategic Manager of Governance, Risk, and Compliance (GRC) to lead and evolve our cybersecurity compliance program. This role is critical in managing risk, ensuring audit readiness, and maintaining alignment with regulatory standards including GovRamp Moderate and SOC 2 Type II. You’ll build and optimize scalable GRC processes, lead cross-functional initiatives, and drive a culture of security, accountability, and continuous improvement across the organization.

Key Responsibilities

• Own and lead OpenGov’s GRC program strategy, roadmap, and daily operations.
• Manage all phases of internal and external audits (GovRamp, SOC 2), including control design, evidence collection, and remediation tracking.
• Maintain and enhance the enterprise risk register: perform risk assessments, evaluate mitigation efforts, and present risk posture updates to leadership.
• Develop, update, and enforce security and compliance policies, procedures, and standards.
• Conduct third-party/vendor security risk assessments and manage due diligence workflows.
• Collaborate closely with IT, Engineering, and Legal to ensure technical and procedural controls align with compliance obligations.
• Lead initiatives for compliance automation, continuous control monitoring, and process optimization.
• Support training and awareness programs to reinforce compliance culture and security best practices across departments.
• Monitor the regulatory landscape and emerging frameworks to ensure proactive compliance planning.

Qualifications

• Minimum 5 years of experience in cybersecurity, information security, or compliance, including at least 2 years in a GRC leadership or ownership role.
• Certifications such as ISO 27001 Lead Auditor, CISA, or CRISC are a plus.
• Hands-on experience managing GovRamp and SOC 2 audits, including preparation, execution, and response.
• Expert knowledge of NIST 800-53 (GovRAMP), CIS Controls, risk management methodologies, and data protection best practices.
• Proven success in risk identification, analysis, and reporting through a maintained risk register.
• Excellent communication skills with the ability to present clearly to both technical and non-technical stakeholders.
• Familiarity with GRC platforms such as Drata, Vanta, LogicGate, or similar.
• Self-starter who thrives in fast-paced environments with competing priorities.

Compensation Note: The on-target ranges above include base plus a portion of variable compensation that is earned based on company and individual performance. The final compensation will be determined by a number of factors such as qualifications, expertise, and the candidate’s geographical location.

Company Information

About OpenGov:

OpenGov is the leader in AI-enabled software for cities, counties, state agencies, and special districts. With a mission to power more effective and accountable government, OpenGov serves 2,000 communities across the United States. OpenGov is built exclusively for the unique asset management, permitting and licensing, procurement and contract management, tax and revenue, budgeting and planning, and financial management needs of the public sector. The OpenGov platform empowers organizations to operate more efficiently, adapt to change, and strengthen public trust.

Learn more or request a demo at opengov.com.

Why OpenGov?

• A Mission That Matters: At OpenGov, public service is personal. We are passionate about our mission to power more effective and accountable government. Government that operates efficiently, adapts to change, and strengthens public trust. Some people say this is boring. We think it’s the core of our democracy.
• Opportunity to Innovate: The next great wave of innovation is unfolding with AI, and it will impact everything—from the way we work to the way governments interact with their residents. Join a trusted team with the passion, technology, and expertise to drive innovation and bring AI to local government. We’ve touched 2,000 communities so far, and we’re just getting started.