GRC Program Manager, Product and Customer Trust

## About the Role The GRC Program Manager at Openai plays a critical role in ensuring the company's products and services meet the highest standards of security, compliance, and customer trust. This involves collaborating closely with various teams, including Product, Security, Legal, and GTM, to develop and implement effective operating models that balance the need for innovation with the need for regulatory compliance. As a key member of the GRC team, you will be responsible for scaling the function to support the company's rapid growth and expanding product portfolio. The GRC team at Openai is committed to delivering mission outcomes while maintaining the trust of customers, auditors, regulators, and the public. This requires a deep understanding of the company's technology, people, and processes, as well as the ability to navigate complex regulatory landscapes. As a senior member of the team, you will be expected to provide strategic guidance and operational support to ensure that Openai's products launch with the right controls in place and that customer trust is maintained throughout the product lifecycle. The role is highly cross-functional, requiring close collaboration with stakeholders across the organization. You will need to be able to communicate complex technical concepts to non-technical stakeholders, including customers, auditors, and regulators. Your ability to distill complex information into actionable insights will be critical to the success of this role. ## What You Will Do - Own and improve the customer trust operating model, including intake, triage, escalations, SLAs, metrics, and quality review.

• Support strategic customer trust needs, including security questionnaires, customer calls, Trust Center updates, and high-priority deal support.
• Partner with Product, Security, Legal, Privacy, and GTM teams to prepare accurate, approved trust materials for launches and regulated product changes.
• Build reusable customer-facing narratives, FAQs, evidence paths, and whitepapers that reduce one-off work while keeping claims controlled.
• Ensure external security and compliance claims are supported by internal processes and controls.
• Ensure product launches support our external security and compliance narrative; scale launch reviews to ensure GRC is not a bottleneck.
• Develop data handling guidance as needed to provide product teams a paved path consistent with our external commitments.
• Use automation and AI-native workflows across internal and external tooling, Codex, and related systems to improve speed and consistency.
• Turn recurring customer discovery into reusable content, product feedback, evidence improvements, and control-gap signals.
• Collaborate with cross-functional teams to identify and mitigate risks associated with product launches and regulatory changes.
• Develop and maintain metrics and reporting to measure the effectiveness of GRC processes and identify areas for improvement.

## What We Are Looking For - Strong product assurance, product launch review, customer trust, security compliance, or enterprise trust experience in a technical environment.

• Ability to support GTM teams with accurate, approved, customer-facing security and compliance narratives.
• Judgment to distinguish what can be answered directly, what requires Product/Security/Legal review, and what should not be claimed externally.
• Experience building scalable operating models, metrics, content systems, and automation for repeated assurance workflows.
• Excellent written communication and comfort translating technical security concepts for customers, auditors, regulators, Sales, and Field Security.
• Ability to work in a fast-paced environment with multiple priorities and deadlines.
• Strong analytical and problem-solving skills, with the ability to identify and mitigate risks.
• Experience with regulatory requirements and industry standards, such as SOC and ISO.
• Familiarity with AI and machine learning technologies, including Codex and related systems.

## Nice to Have - Experience with automation and AI-native workflows, including scripting and data analysis.

• Knowledge of cloud security and compliance, including AWS and Azure.
• Familiarity with agile development methodologies and version control systems, such as Git.
• Certification in security, compliance, or a related field, such as CISSP or CISA.

## Benefits and Perks - Competitive salary and equity package.

• Comprehensive health, dental, and vision insurance.
• Generous PTO and holiday schedule.
• Flexible remote work arrangements, including a stipend for home office setup.
• Opportunities for professional development and career growth.
• Access to cutting-edge technology and tools, including AI and machine learning platforms.
• Collaborative and dynamic work environment with a team of experienced professionals.
• Recognition and reward programs for outstanding performance and contributions.

- Tip: Be prepared to provide specific examples of your experience with product assurance, customer trust, and security compliance in a technical environment.

• Tip: Familiarize yourself with Openai's products and services, as well as the company's approach to security and compliance.
• Tip: Highlight your ability to communicate complex technical concepts to non-technical stakeholders, including customers and regulators.
• Tip: Show your experience with automation and AI-native workflows, including scripting and data analysis.
• Tip: Emphasize your analytical and problem-solving skills, including your ability to identify and mitigate risks.
• Tip: Be prepared to discuss your experience with regulatory requirements and industry standards, including SOC and ISO.