Senior Director, Global Head of GRC

Proofpoint

Sunnyvale, CA

JOB DETAILS
SALARY
$245,400–$337,370 Per Year
POSTED
14 days ago
About Us:


Proofpoint is a global leader in human- and agent-centric cybersecurity. We protect how people, data, and AI agents connect across email, cloud, and collaboration tools. Over 80 of the Fortune 100, 10,000 large enterprises, and millions of smaller organizations trust Proofpoint to stop threats, prevent data loss, and build resilience across their people and AI workflows. Our mission is simple: safeguard the digital world and empower people to work securely and confidently. Join us in our pursuit to defend data and protect people.


How We Work:


At Proofpoint, you’ll be part of a global team that breaks barriers to redefine cybersecurity, guided by our BRAVE core values:


Bold in how we dream and innovate


Responsive to feedback, challenges and opportunities


Accountable for results and best-in-class outcomes


Visionary in future-focused problem-solving


Exceptional in execution and impact


Senior Director, Global Head of GRC


Location: Sunnyvale, CA

Department: Information Security

Reports To: Chief Information Security Officer (CISO)


Company Overview


Proofpoint is a global leader in human- and agent-centric cybersecurity, securing how people, data and AI agents connect across email, cloud and collaboration tools. Proofpoint is a trusted partner to over 80 of the Fortune 100, over 10,000 large enterprises, and millions of smaller organizations in stopping threats, preventing data loss, and building resilience across people and AI workflows. Proofpoint’s collaboration and data security platform helps organizations of all sizes protect and empower their people while embracing AI securely and confidently.


Role Overview


The Senior Director, Global Head of GRC owns Proofpoint’s global trust strategy—defining how the company manages risk, achieves regulatory compliance, and enables secure growth across commercial, public sector, and defense markets.


Reporting to the CISO, this role is accountable for building and scaling a modern, business-aligned GRC function that transforms compliance into a strategic advantage—accelerating market access, strengthening customer trust, and supporting Proofpoint’s expansion into highly regulated environments.


As the global leader for GRC, you will drive enterprise-wide visibility into risk and compliance posture, aligning security, engineering, legal, and go-to-market teams around a unified framework that supports innovation in cloud, data security, and AI-driven products.


Key Responsibilities


Strategic Leadership & Trust Ownership


+ Define and execute Proofpoint’s global GRC and trust strategy, aligned with business growth, product innovation, and market expansion.

+ Serve as the global functional head of GRC, with end-to-end accountability for governance, risk management, compliance, and security assurance.

+ Position compliance as a business enabler, directly supporting revenue growth, customer acquisition, and entry into regulated markets.

+ Establish a unified control framework that scales across products, cloud platforms, and geographies while reducing audit friction and duplication.


Market Access & Regulatory Strategy


+ Lead compliance strategy supporting expansion into U.S. public sector and defense markets, including FedRAMP (Moderate/High) and CMMC Level 2.

+ Enable international growth through alignment with regional frameworks (e.g., IRAP, ISMAP, ENS, BSI C5, TISAX, ACN).

+ Partner with go-to-market teams to leverage certifications and regulatory posture as a competitive differentiator in customer engagements.

+ Act as a strategic advisor on regulatory requirements impacting product strategy, cloud deployments, and data residency.


Global Compliance & Certification Programs


+ Own end-to-end delivery of global audits, certifications, and regulatory engagements.

+ Ensure successful execution and continuous maturity across key frameworks:

  + ISO 27001 / ISO 42001

  + SOC 2 Type II

  + FedRAMP (Moderate/High)

  + CMMC Level 2

  + PCI DSS

  + Regional frameworks (IRAP, ISMAP, ENS, BSI C5, TISAX, ACN, etc.)

+ Drive continuous compliance through automation, control optimization, and integration into engineering and operational workflows.

+ Embed compliance requirements into product and cloud architecture in partnership with Engineering and Product teams.


Risk Management & Governance


+ Own and mature enterprise risk management (ERM), including risk identification, quantification, prioritization, and executive reporting.

+ Establish governance structures that provide clear accountability and real-time visibility into enterprise risk posture.

+ Align risk appetite with business objectives in partnership with executive leadership.

+ Oversee third-party risk management and supply chain security programs.


Operational Excellence & Assurance


+ Define KPIs and metrics to measure GRC program effectiveness, control maturity, and business impact.

+ Drive audit readiness, control effectiveness, and enterprise-wide remediation programs.

+ Enhance GRC tooling, automation, and data visibility to support scalable, efficient compliance operations.

+ Deliver clear, actionable reporting to executive leadership and the Board on risk and compliance posture.


Innovation & Emerging Risk


+ Lead Proofpoint’s approach to AI governance (ISO 42001) and emerging regulatory requirements for AI and agentic systems.

+ Stay ahead of global regulatory trends, translating complexity into actionable strategies and competitive advantage.

+ Advance modern GRC practices, including continuous controls monitoring and integrated risk platforms.


Leadership & Executive Presence


+ Build, lead, and mentor a high-performing global GRC organization.

+ Serve as an executive-facing leader, engaging with senior leadership, customers, auditors, and regulators.

+ Represent Proofpoint’s trust, risk, and compliance posture in strategic customer and partner engagements.

+ Champion a culture of accountability, transparency, and business-aligned risk management across the company.


Qualifications


+ Education: Bachelor’s or Master’s degree in Cybersecurity, Risk Management, Business, or related field.

+ Experience: 12+ years in security, risk, or compliance, with 5–7+ years in senior leadership roles.

+ Proven experience leading global GRC functions in SaaS, cloud, or highly regulated environments.

+ Deep expertise across major frameworks (ISO, SOC, FedRAMP, PCI) and U.S. public sector / defense compliance (CMMC).

+ Demonstrated success using compliance programs to enable business growth and market expansion.

+ Strong background in enterprise risk management, control frameworks, and audit execution.

+ Relevant certifications (e.g., CISSP, CISM, CRISC, CISA) preferred.


Preferred Attributes


+ Experience in cybersecurity or SaaS industry.

+ Executive presence with the ability to translate regulatory complexity into business strategy.

+ Strategic, risk-based mindset focused on enablement—not just control enforcement.

+ Proven ability to operate in complex, fast-scaling, and highly matrixed environments.

+ Track record of building and leading high-performing global teams.

+ Passion for strengthening customer trust while enabling innovation and growth.


Why Proofpoint?


At Proofpoint, we believe that an exceptional career experience includes a comprehensive compensation and benefits package. Here are just a few reasons you’ll love working with us:


+ Competitive compensation

+ Comprehensive benefits

+ Career success on your terms

+ Flexible work environment

+ Annual wellness and community outreach days

+ Always-on recognition for your contributions

+ Global collaboration and networking opportunities


Our Culture:


Our culture is rooted in values that inspire belonging, empower purpose, and drive success, every day, for everyone.


We encourage applications from individuals of all backgrounds, experiences, and perspectives. If you need accommodation during the application or interview process, please reach out to accessibility@proofpoint.com.


How to Apply


Interested? Submit your application along with any supporting information. We can’t wait to hear from you!


Consistent with Proofpoint values and applicable law, we provide the following information to promote pay transparency and equity. Our compensation reflects the cost of labor across several U.S. geographic markets, and we pay differently based on those defined markets as set out below. Pay within these ranges varies and depends on job-related knowledge, skills, and experience. The actual offer will be based on the individual candidate. The range provided may represent a candidate range and may not reflect the full range for an individual tenured employee. This role may be eligible for variable compensation and/or equity. We offer a competitive benefits package, including flexible time off, a comprehensive well-being program with two paid Wellbeing Days and two paid Volunteer Days per year, plus a three-week Work from Anywhere option.


Base Pay Ranges:


SF Bay Area, New York City Metro Area:


Base Pay Range: 245,400.00 - 337,370.00 USD


California (excludes SF Bay Area), Colorado, Connecticut, Illinois, Washington DC Metro, Maryland, Massachusetts, New Jersey, Texas, Washington, Virginia, and Alaska:


Base Pay Range: 197,100.00 - 271,040.00 USD


All other cities and states excluding those listed above:


Base Pay Range: 177,500.00 - 244,090.00 USD


Proofpoint has been honored with six Best Places to Work Awards in 2024 by workplace culture leader Comparably, including Best Company Career Growth, Best Company Outlook, Best Global Culture, Best Engineering Teams, Best Sales Teams, and Best HR Teams.


We are the leader in human-centric cybersecurity. Half a million customers, including 87 of the Fortune 100, rely on Proofpoint to protect their organizations. We’re driven by a mission to stay ahead of bad actors and safeguard the digital world. Join us in our pursuit to defend data and protect people.


Our BRAVE Values:


At Proofpoint, we are BRAVE in everything we do, and our values aren’t just words—they shape how we work, collaborate, and grow.


We seek people who are bold enough to challenge the status quo, responsive in the face of ever-evolving threats, and accountable for delivering real impact.


We value those with a visionary mindset who anticipate what’s next and push cybersecurity forward, and we celebrate exceptional execution that ensures we continue to defend data and protect people.


Proofpoint is an equal opportunity employer; we hire without consideration to race, religion, creed, color, national origin, age, gender, sexual orientation, marital status, veteran status or disability.


Find your network, your allies, and your biggest fans. We know that work is simply better when you’re surrounded by people who inspire you—who share ideas, cheer you on, and genuinely want to see you succeed. That’s why we offer social circles, sponsored networks, and connection points across teams and time zones—to help you find your people, build your community, and thrive together.


This isn’t just a job—it’s a mission to protect people and defend data in a world that never slows down. We’re building the future of human-centric cybersecurity, and that future belongs to all of us. We take ownership, move fast, and hold ourselves accountable—because that’s what it takes to stay ahead. And we do it together, winning as one.


Be empowered to reach your full potential through meaningful challenges and personalized support—designed around you and your goals. Whether you're growing as a leader or leveling up from great to exceptional as an individual contributor, we’re here to help you get there.

About the Company

Proofpoint

Proofpoint, Inc. (NASDAQ:PFPT) is a leading cybersecurity company that protects organizations’ greatest assets and biggest risks: their people. With an integrated suite of cloud-based solutions, Proofpoint helps customers around the world stop targeted threats, safeguard their data, and make their users more resilient against cyber attacks. Leading organizations of all sizes, including more than half of the Fortune 100, rely on Proofpoint to mitigate their most critical security and compliance risks across email, the cloud, social media, and the web. No one protects people, the data they create, and the digital channels they use more effectively than Proofpoint.

If you’re looking for a customer-focused, driven-to-win organization with leading-edge products, you’ll find many exciting reasons to join our team. We believe in hiring smart, motivated, problem-solvers to cultivate a culture of collaboration and appreciation. We are an international company with locations in North America, EMEA and APAC, with each location contributing to our culture.

COMPANY SIZE
2,500 to 4,999 employees
INDUSTRY
Computer/IT Services
EMPLOYEE BENEFITS
Performance Bonus, 401K, Employee Referral Program, Employee Events
FOUNDED
2002
WEBSITE
https://www.proofpoint.com