Principal GRC Specialist

Job Description

LastPass is seeking a Principal GRC Specialist to enhance its Governance, Risk, and Compliance (GRC) program. This role involves leading assurance activities, assessing security and compliance controls, and improving the risk program. The ideal candidate will be proactive, strategic, and capable of adapting to a fast-paced environment.

The GRC Team ensures alignment between security, compliance, and business objectives, enhancing LastPass’ operational resilience and stakeholder trust. The role requires collaboration with various teams across Engineering, Safety & Trust, Human Resources, Legal, and Security, spanning multiple regions including Hungary, Portugal, Canada, and the United States.

Responsibilities include:

• Leading assurance and continuous compliance efforts.
• Coordinating internal and external audits.
• Providing expertise in control implementation.
• Driving compliance awareness and stakeholder engagement.
• Identifying and remediating control gaps.
• Advising on policy development.
• Maintaining a unified control framework.

Requirements:

• Background in compliance or security-related roles.
• Expert-level knowledge of security and privacy standards like ISO 27001, SOC 2, and SOX ITGC.
• Proven ability to integrate security and privacy controls into business processes.
• Excellent communication skills.
• Strong initiative and organizational skills.
• Growth-oriented mindset.

LastPass offers:

• Remote-first culture
• Flexible Paid Time Off policies
• Comprehensive health coverage
• Home office setup support
• Continuous learning and development opportunities