×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security

Governance, Risk, Compliance; GRC

Job in New York, New York County, New York, 10261, USA
Listing for: ŌURA
Full Time position
Listed on 2026-01-01
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security
Job Description & How to Apply Below
Position: Staff, Governance, Risk, Compliance (GRC)
Location: New York

Staff, Governance, Risk, Compliance (GRC)

Join to apply for the Staff, Governance, Risk, and Compliance (GRC) role at ŌURA
.

At Oura, our mission is to empower every person to own their inner potential. With our award-winning Oura Ring and app, we help over 2.5 million people turn insights about sleep, activity, and readiness into healthier, more balanced lives. We believe that starts from within — by creating a culture where our team feels supported, included, and inspired to do their best work.

Our values guide how we show up for each other and our community every day.

We are looking for a Staff Governance, Risk and Compliance (GRC) professional to join our Security Team. This role will serve as a leader and subject matter expert (SME) driving compliance, risk, and governance initiatives. Working closely with leaders across Security, Privacy, Product, and Engineering, this person will own and mature our security and compliance programs such as SOC 2, HIPAA, ISO
27001, ISO
27799, HITRUST, NIST 800-171, CMMC, and FedRAMP.

The ideal candidate has a proven track record of leading and scaling compliance frameworks, shaping risk management programs, and partnering with business leaders to align governance with organizational goals.

This is a remote U.S. role with a strong preference for candidates based in the East Coast. We have offices in San Francisco and San Diego for those who prefer hybrid or office settings. Oura employees in other major cities (like Boston and New York) occasionally gather informally at local co-working locations.

What you will do
  • Program Ownership:
    Lead strategic GRC initiatives end-to-end, including achieving and maintaining industry certifications (e.g., SOC 2, HITRUST, ISO 27001).
  • Policy & Governance Leadership:
    Develop, implement, and oversee security and compliance policies; ensure they are embedded into business operations.
  • Cross-Functional Risk Leadership:
    Partner with Product, Engineering, and Privacy to integrate security and compliance by design into new features, infrastructure, and business processes.
  • Regulatory & Industry Alignment:
    Anticipate, monitor, and interpret regulatory changes and industry trends; proactively evolve the GRC strategy.
  • Risk Program Leadership:
    Lead risk assessments and mitigation strategies, ensuring ownership and accountability across teams.
  • Audit & Assurance:
    Oversee audit readiness and execution, including internal, customer, and third-party assessments.
  • Team Enablement:
    Mentor peers and drive a culture of compliance and risk awareness across the company.
Requirements

We would love to have you on our team if you have:

  • Experience:

    7+ years in GRC, IT compliance, security, or risk management, with demonstrable leadership of cross-functional projects. Compliance Knowledge:
    Deep expertise in frameworks such as SOC 2, HIPAA, HITRUST, NIST 800-171, ISO
    27001, ISO
    27799, CMMC, and FedRAMP.
  • Technical

    Skills:

    Familiarity with IT and cloud environments (AWS, GCP), security controls, and compliance automation tooling. Leadership Presence:
    Ability to influence, communicate, and drive alignment across technical and non-technical stakeholders.
  • Audit & Risk Expertise:
    Strong background in leading risk assessments, compliance audits, and executive-level reporting.
  • Preferred

    Certifications:

    CGRC, CISA, CRISC, CISSP, or equivalent.
Benefits

At Oura, we care about you and your well-being. Everyone here at Oura has a ring of their own and we are continually looking to improve employee health.

What we offer:

  • Competitive salary and equity packages
  • Health, dental, vision insurance, and mental health resources
  • An Oura Ring of your own plus employee discounts for friends & family
  • 20 days of paid time off plus 13 paid holidays plus 8 days of flexible wellness time off
  • Paid sick leave and parental leave

Compensation is market-based and varies by location and role. Offers are determined based on factors including job-related skills, experience, qualifications, work location, internal equity, and market conditions.

Seniority level
  • Mid-Senior level
Employment type
  • Full-time
Job function
  • Other
Industries
  • Consumer Electronics

Oura is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. We will provide reasonable accommodation to candidates with disabilities to participate in the interview process and perform essential job functions.

Disclaimer:
This job posting is intended for prospective applicants in the United States. Beware of fake job offers. Our jobs are listed on the official ŌURA Careers page and trusted job boards. We will never ask for personal information like  payment for equipment upfront. Official offers are sent through Docusign after a verbal offer, not via text or email.

#J-18808-Ljbffr
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search