Security GRC Specialist

Responsibilities:- Plan and lead engagements with independent assessors to earn security and privacy certifications and attestations important to Anthropic customers and enterprise partnerships, and to meet regulatory obligations.- Understand how Anthropic's security and privacy capabilities across major cloud platforms implement common frameworks (e.g., NIST 800-53, NIST 800-171, ISO 27001, ISO 27701, CSA CCM, and SOC 2)- Build scalable audit management processes and documentation systems that will support future expansion to additional geographies and compliance frameworks- Write, update and enact policies capturing security, privacy, and AI safety requirements.- Maintain and enhance Anthropic's system of security controls through audit readiness, recordkeeping, and cross-functional communication You may be a good fit if you:- Have 8+ years of progressive experience in audit and compliance roles, with direct ownership of certification/attestation projects- Have worked in cloud-native environments and understand security and privacy considerations for multi-cloud architectures- Can translate complex compliance requirements into actionable workstreams for technical and non-technical stakeholders- Have built common controls frameworks or GRC systems that scaled with organizational growth- Write clear and useful security and privacy documentation for both external and internal audiences.- Thrive in ambiguous, fast-paced environments where you'll need to build processes from scratch- Are comfortable organizing time-bounded task management of delegated work streams across a diverse organization- Are energized by being the subject matter expert who educates the organization on new compliance requirements Strong candidates may also:- Have worked in AI/ML companies and understand unique security considerations for model development and deployment- Bring experience from high-growth technology companies managing rapid compliance expansion- Have some experience implementing automated enforcement of security controls (i.e., compliance as code)- Possess relevant certifications (CISA, CRISC, CISM, CISSP, or ISO 27001 Lead Auditor/Implementer) Candidates need not have:- Done everything on this list beforewe value learning agility and willingness to tackle novel compliance challenges in the AI spaceDeadline to apply:None. Applications will be reviewed on a rolling basis.The annual compensation range for this role is below. For sales roles, the range provided is the roles On Target Earnings (

Created: 2026-01-21