Principal GRC Specialist

About LastPass
LastPass is a leader in password and identity management, making it easier to log into life and work. Trusted by 100,000 businesses and millions of users, LastPass combines advanced security with effortless access for individuals, families, small business owners, and enterprise professionals. With LastPass, important credentials are protected and private – and always within reach.

Curious about our products? Visit our websiteand try it free!

We welcome new ideas, support your growth, and recognize your value, if this aligns with what you are looking for in your next career move, Join Us

LastPass is looking for Principal GRC Specialist...

The ideal candidate is a proactive and strategic thinker who will play a pivotal role in strengthening our Governance, Risk, and Compliance (GRC) program. In this role, you will work cross-functionally to lead assurance activities, assess security and compliance controls, and enhance the maturity of our risk program.

As a key player in a fast-paced and evolving environment, you will be expected to adapt to change, collaborate effectively with stakeholders, and drive continuous improvement in compliance efforts. Your work will directly support our customer-centric approach, ensuring that security and compliance is seamlessly embedded into broader business objectives and security strategies

About the team:

The GRC Team plays a crucial role in enhancing LastPass’ operational resilience, efficiency and stakeholder trust by ensuring alignment between security, compliance, and business objectives.

If you are passionate about complex problem solving and motivated by scale, then this is the role for you!

Who will you work with?

Please note: While this position is remote, we prefer candidates who can work EST or CST hours to ensure alignment with business needs.

You will collaborate with various stakeholders across Engineering, Safety & Trust, Human Resources, Legal, and Security teams, fostering a culture of innovation and teamwork. Your interactions will span multiple regions, including Hungary, Portugal, Canada, and the United States, supporting strategic initiatives and driving cohesive security and compliance efforts.

What are some of the exciting challenges you will be working on?

• Proactively lead assurance and continuous compliance efforts by performing audit tasks, monitoring security and compliance controls, and ensuring ongoing control effectiveness through reporting and risk assessments
• Drive audit readiness and compliance assessments by coordinating internal and external audits, managing evidence collection, conducting control testing, and addressing remediation efforts to maintain and enhance compliance
• Provide expertise in control implementation, guiding teams on design and execution while ensuring clear, comprehensive, and audit-ready documentation
• Drive compliance awareness and stakeholder engagement as a trusted advisor, translating complex compliance requirements into actionable guidance, and fostering a culture of security, risk awareness, and compliance excellence across the organization
• Identify and remediate control gaps, prioritizing corrective actions to strengthen the risk posture by assessing security and compliance controls, documenting deficiencies, and partnering with key stakeholders
• Consistently advise and collaborate on policy development by partnering with cross-functional teams to create and refine cybersecurity-related policies, standards, and procedures that are practical and aligned with business operations
• Develop and maintain a unified control framework, collaborating with cross-functional teams to ensure controls are scalable, adaptable, and aligned with compliance and business requirements

What does it take to work at LastPass?

• Background in compliance or security-related roles with experience is preferred
• Expert-level knowledge of security and privacy-related standards and frameworks such as ISO 27001, 27701, SOC 2, and SOX ITGC
• Proven ability to integrate security and privacy-related controls into business processes, with a focus on enabling business outcomes while maintaining robust security and privacy standards
• Excellent listening, written and verbal communication skills with the ability to engage effectively across all organizational tiers
• Capable of working independently with exceptional initiative, planning, and organizational skills to efficiently see tasks through to completion
• Strong ability to communicate complex cybersecurity concepts to a diverse audience, including both technical and non-technical stakeholders
• Growth-oriented mindset, challenging the status-quo and the ability to drive project and program-level initiatives forward

It's great, but not required:

• Knowledge of security and privacy-related standards and frameworks such as NIST 800-53, FedRAMP/StateRAMP, and CMMC
• Certifications such as CISSP, CISM, CRISC, CISA Security+ or related certifications in information security or audit
• Experience working with global teams

Why LastPass?

• High-growth, collaborative environment with inclusive teams
• Remote-first culture
• Competitive compensation
• Flexible Paid Time Off policies, including but not limited to: Quarterly Self-Care Days (4 extra paid days off annually) and Volunteer Days
• Generous parental leave
• Home office setup support
• LastPass Families free account for up to 5 members
• Continuous learning and development opportunities, including an annual learning stipend to invest in your growth
• Peer-to-peer recognition through Motivosity
• Employee Assistance Program for well-being support
• Remote work stipend to support your home office needs
• Short-Term or Remote-Centric Work Arrangements for added flexibility

Unlock your potential with us - your skills, experience, and unique perspective matter more than just checking the boxes. Apply today, and let's build the future together!

We’re building an inclusive community that reflects the people of all races, genders, sexual orientations, national origins, backgrounds, and perspectives who share our world.

Interested in building your career at LastPass? Get future opportunities sent straight to your email.

indicates a required field

First Name *

Last Name *

Email *

Phone

Resume/CV

Enter manually

Accepted file types: pdf, doc, docx, txt, rtf

LinkedIn Profile

Website

Do you now or in the future require sponsorship for an employment visa? * Select...

Most Recent Company *

Most Recent Job Title *

Even though the position is advertised as remote, it is mandatory for all applicants to be based in the hiring country. Are you currently residing in the hiring country mentioned for the position you are applying for? * Select...

Salary Expectation (annual, gross) *

Interested in learning more about LastPass' products and services? Stay connected! * Select...

By selecting "Yes", you are indicating that you want to receive marketing communications from LastPass and its authorized sales partners regarding industry news and research, educational resources, and LastPass products and services. You agree to the processing of your personal data in accordance with the LastPass Privacy Notice. You can unsubscribe from marketing communications at any time.

How did you hear about LastPass? * Select...

Please select the option that best describes how you first discovered us.

If you selected "Other," please specify: