Security GRC Lead

Sprinklr is the definitive, AI-native platform for Unified Customer Experience Management (Unified-CXM), empowering brands to deliver extraordinary experiences at scale — across every customer touchpoint. By combining human instinct with the speed and efficiency of AI, Sprinklr helps brands earn trust and loyalty through personalized, seamless, and efficient customer interactions. Sprinklr’s unified platform provides powerful solutions for every customer-facing team — spanning social media management, marketing, advertising, customer feedback, and omnichannel contact center management — enabling enterprises to unify data, break down silos, and act on real-time insights. Today, 1,900+ enterprises and 60% of the Fortune 100 rely on Sprinklr to help them deliver consistent, trusted customer experiences worldwide. Job DescriptionThe GRC Lead is a position within the Sprinklr Security Governance, Risk, and Compliance (GRC) team, reporting to the Director, GRC. The role willbe responsible forassistingthe GRC team in the planning and delivery of critical compliance reports and certificates, including SOC 2, ISO 27001, C5, SOX ITGCs, PCI-DSSand other relevant programs. They will alsoassistthe team in documenting, assessing, and tracking the remediation of any issues and risks raised during audit examinations and risk assessments. Responsibilities:Manage audit engagements (e.g.SOX, ISO 27001, C5 PCI-DSS, SOC 2, HIPAA), the audit request lists and ensure requests are being fulfilled appropriately by stakeholder management;Coordinate and collate required evidence for external and internal audit support;Managing the control and process libraries, andassistingthe business in implementing internal controls;Contribute to meetings by preparing agendas, document meeting minutes, and help track the completion of follow up;Lead junior staff to ensure critical tasks are completed on time and per requirements;Lead Internal/External Audits as it relates to documenting or evidencing control management practices; Lead/participatein Risk Assessments and documenting risks within the risk register, andidentifyingand documenting the risk treatment;Assistthe business to document, assess, and remediate any issues raised during audit examinations and risk assessments; Assistin management of Sprinklr security standards and policies;Update andmaintainthe GRC Confluence and share drives;Assistwith management of risks,controlsand requests in the GRC tool; and other duties or tasks as assigned by managementAs this is a global organization, the GRC Lead may occasionally be asked to attend conference call meetings outside of normal respective office hours.Qualifications:ABachelor'sdegree in a technical/security field or a non-technical degree with combination of governance,riskand compliance-related work experience;At least 5-7+ years of experience in risk, compliance management or in an Information Security environment; Knowledge of security controls frameworks such as ISO 27001/27002 and NIST 800-53;Generally adeptat picking upnew technologies and experience working with a GRC tool;Excellent interpersonal communication,teamworkand project management skills; Strong written and verbal communication skills; Strong senseof accountability with the ability to work independently with minimal direction and follow-up; Demonstrated ability to perform process analysis and experience in documenting controls;Proven analytical and troubleshooting skills; A broad understanding of information security risk and controls; Personal integrity, accountability, and the ability to take ownership of specific tasks and activities; andAble to foster a collaborative working relationship with multiple areas and complex business lines, globally and remotely. We focus on our mission: Sprinklr was founded in 2009 to solve a big problem: growing enterprise complexity that separated brands from their customers. Our vision was clear: to unify fragmented teams, tools and data — helping large organizations build deeper, more meaningful connections with the people they serve. Today, Sprinklr has a unified, AI-native platform for four product suites: Sprinklr Service, Sprinklr Social, Sprinklr Marketing, and Sprinklr Insights. Sprinklr is here to do three things: Lead a new category of enterprise software that we call Unified-CXM. Empower companies to deliver next generation, unified engagement journeys that reimagine the customer experience. Create a culture of customer obsession, with trust, teamwork, and accountability.We believe in our product: Customers who value exceptional customer experiences have what they need on our single unified platform, built with an operating system approach on a single codebase. That means that everything — and everyone — can work together to service, respond, sell, and market to customers on the channels they prefer. While Unified Customer Experience Management (Unified-CXM) as a category is just getting started, we are well on our way to creati