Principal GRC Specialist closed

at LastPass
  • Remote - Canada

Remote

Cybersecurity

Principal

Job description

About LastPass

LastPass is a leader in password and identity management, making it easier to log into life and work. Trusted by 100,000 businesses and millions of users, LastPass combines advanced security with effortless access for individuals, families, small business owners, and enterprise professionals. With LastPass, important credentials are protected and private – and always within reach.

Curious about our products? Visit our website and try it free!

We welcome new ideas, support your growth, and recognize your value, if this aligns with what you are looking for in your next career move, Join Us

LastPass is looking for Principal GRC Specialist…

The ideal candidate is a proactive and strategic thinker who will play a pivotal role in strengthening our Governance, Risk, and Compliance (GRC) program.  In this role, you will work cross-functionally to lead assurance activities, assess security and compliance controls, and enhance the maturity of our risk program.

As a key player in a fast-paced and evolving environment, you will be expected to adapt to change, collaborate effectively with stakeholders, and drive continuous improvement in compliance efforts.  Your work will directly support our customer-centric approach, ensuring that security and compliance is seamlessly embedded into broader business objectives and security strategies

About the team:

The GRC Team plays a crucial role in enhancing LastPass’ operational resilience, efficiency and stakeholder trust by ensuring alignment between security, compliance, and business objectives.

If you are passionate about complex problem solving and motivated by scale, then this is the role for you!

Who will you work with?

Please note: While this position is remote, we prefer candidates who can work EST or CST hours to ensure alignment with business needs.

You will collaborate with various stakeholders across Engineering, Safety & Trust, Human Resources, Legal, and Security teams, fostering a culture of innovation and teamwork.  Your interactions will span multiple regions, including Hungary, Portugal, Canada, and the United States, supporting strategic initiatives and driving cohesive security and compliance efforts.

What are some of the exciting challenges you will be working on?

  • Proactively lead assurance and continuous compliance efforts by performing audit tasks, monitoring security and compliance controls, and ensuring ongoing control effectiveness through reporting and risk assessments
  • Drive audit readiness and compliance assessments by coordinating internal and external audits, managing evidence collection, conducting control testing, and addressing remediation efforts to maintain and enhance compliance
  • Provide expertise in control implementation, guiding teams on design and execution while ensuring clear, comprehensive, and audit-ready documentation
  • Drive compliance awareness and stakeholder engagement as a trusted advisor, translating complex compliance requirements into actionable guidance, and fostering a culture of security, risk awareness, and compliance excellence across the organization
  • Identify and remediate control gaps, prioritizing corrective actions to strengthen the risk posture by assessing security and compliance controls, documenting deficiencies, and partnering with key stakeholders
  • Consistently advise and collaborate on policy development by partnering with cross-functional teams to create and refine cybersecurity-related policies, standards, and procedures that are practical and aligned with business operations
  • Develop and maintain a unified control framework, collaborating with cross-functional teams to ensure controls are scalable, adaptable, and aligned with compliance and business requirements

What does it take to work at LastPass?

  • Background in compliance or security-related roles with experience is preferred
  • Expert-level knowledge of security and privacy-related standards and frameworks such as NIST 800-53, FedRAMP/StateRAMP, CMMC, ISO 27001, 27701, SOC 2, and SOX ITGC
  • Proven ability to integrate security and privacy-related controls into business processes, with a focus on enabling business outcomes while maintaining robust security and privacy standards
  • Excellent listening, written and verbal communication skills with the ability to engage effectively across all organizational tiers
  • Capable of working independently with exceptional initiative, planning, and organizational skills to efficiently see tasks through to completion
  • Strong ability to communicate complex cybersecurity concepts to a diverse audience, including both technical and non-technical stakeholders
  • Growth-oriented mindset, challenging the status-quo and the ability to drive project and program-level initiatives forward

It’s great, but not required:

  • Certifications such as CISSP, CISM, CRISC, CISA Security+ or related certifications in information security or audit
  • Experience working with global teams

Why LastPass?

  • Market-leading password manager
  • High-growth, collaborative environment with inclusive teams
  • Remote-first culture
  • Competitive compensation
  • Flexible Paid Time Off policies, including but not limited to: Quarterly Self-Care Days (4 extra paid days off annually) and Volunteer Days
  • Generous parental leave
  • Comprehensive health coverage, including dependents
  • Home office setup support
  • LastPass Families free account for up to 5 members
  • Continuous learning and development opportunities, including an annual learning stipend to invest in your growth
  • Peer-to-peer recognition through Motivosity
  • Employee Assistance Program for well-being support
  • Remote work stipend to support your home office needs
  • Short-Term or Remote-Centric Work Arrangements for added flexibility

Unlock your potential with us - your skills, experience, and unique perspective matter more than just checking the boxes. Apply today, and let’s build the future together!

We’re building an inclusive community that reflects the people of all races, genders, sexual orientations, national origins, backgrounds, and perspectives who share our world.

For all US based jobs please review our Applicant Privacy Notice

For all EU based jobs please review our Candidate Privacy Notice

Please review our CCPA Notice

Similar Remote Jobs

Latest Jobs at LastPass

Benefits of using Remote First Jobs

Discover Hidden Jobs

Unique jobs you won't find on other job boards.

Advanced Filters

Filter by category, benefits, seniority, and more.

Priority Job Alerts

Get timely alerts for new job openings every day.

Manage Your Job Hunt

Save jobs you like and keep a simple list of your applications.

Search remote, work from home, 100% online jobs

We help you connect with top remote-first companies.

Search jobs

Hiring remote talent? Post a job

Frequently Asked Questions

What makes Remote First Jobs different from other job boards?

Unlike other job boards that only show jobs from companies that pay to post, we actively scan over 20,000 companies to find remote positions. This means you get access to thousands more jobs, including ones from companies that don't typically post on traditional job boards. Our platform is dedicated to fully remote positions, focusing on companies that have adopted remote work as their standard practice.

How often are new jobs added?

New jobs are constantly being added as our system checks company websites every day. We process thousands of jobs daily to ensure you have access to the most up-to-date remote job listings. Our algorithms scan over 20,000 different sources daily, adding jobs to the board the moment they appear.

Can I trust the job listings on Remote First Jobs?

Yes! We verify all job listings and companies to ensure they're legitimate. Our system automatically filters out spam, junk, and fake jobs to ensure you only see real remote opportunities.

Can I suggest companies to be added to your search?

Yes! We're always looking to expand our listings and appreciate suggestions from our community. If you know of companies offering remote positions that should be included in our search, please let us know. We actively work to increase our coverage of remote job opportunities.

How do I apply for jobs?

When you find a job you're interested in, simply click the 'Apply Now' button on the job listing. This will take you directly to the company's application page. We kindly ask you to mention that you found the position through Remote First Jobs when applying, as it helps us grow and improve our service 🙏