Program Ownership & Leadership
- Independently lead complex compliance and assurance programs from initiation through completion.
- Drive planning, execution, issue management, reporting, and partner communications.
- Own program outcomes with minimal strategic direction.
- Lead multi-functional working groups and coordinate activities across multiple organizations.
- Proactively identify risks, dependencies, and execution challenges and drive resolution plans.
Audit & Compliance Leadership
- Serve as the primary Tech GRC lead for internal readiness assessments, regulatory audits, certifications, and external assurance engagements.
- Coordinate audit planning, evidence collection, walkthroughs, testing activities, auditor interactions, and remediation management.
- Develop and maintain expertise in applicable compliance frameworks and Adobe's Common Controls Framework (CCF).
- Provide mentorship on control design, test strategies, and compliance requirements.
Partner Management
- Independently manage relationships with partners up to the senior manager and director level.
- Present recommendations, findings, risk assessments, and program status to management audiences.
- Influence decision-making through strong business insight, technical credibility, and data-driven analysis.
- Build trusted partnerships across Security, Engineering, Legal, Privacy, Product, HR, and external auditors.
Domain Expertise
- Develop deep expertise in multiple compliance frameworks and associated technologies.
- Serve as a trusted advisor to product teams, security teams, and Tech GRC leadership.
- Support developing staff and help raise the overall quality of delivery across the organization.
- Contribute to internal documentation, standards, training materials, and knowledge-sharing initiatives
Process Improvement & Scale
- Drive operational improvements that improve efficiency, consistency, and audit readiness.
- Build repeatable processes, templates, dashboards, and governance mechanisms.
- Find opportunities for automation and collaborate with GRC Engineering to improve control monitoring and evidence collection.
- Contribute to critical initiatives that improve Tech GRC capabilities and maturity.
What you need to succeed
- 5-8+ years of experience in Governance, Risk & Compliance (GRC), Information Security, Audit, Risk Management, or a related field.
- Solid understanding of industry frameworks and standards such as SOC 1/2/3, ISO 27001, ISO 9001, ISO 42001, HIPAA, CSA STAR, FedRAMP, NIST, or similar regulatory and compliance requirements.
- Experience driving multi-functional programs involving Security, Engineering, Product, Legal, Privacy, HR, and external auditors.
- Strong executive communication and presentation skills, with the ability to translate technical and compliance concepts into clear business-focused recommendations.
- Strong analytical, problem-solving, and organizational skills with exceptional attention to detail.
- Ability to work effectively in ambiguous environments, exercise good judgment, and proactively identify and mitigate risks before they become critical issues.
Preferred Qualifications
- Experience leading large-scale assurance programs such as internal preparedness evaluations, enterprise audit portfolios, certification readiness initiatives, or regulated product onboarding efforts.
- Familiarity with Adobe's Common Controls Framework (CCF) or similar enterprise control frameworks.
- Experience managing external assessor relationships and leading customer-facing or regulator-facing audits.
- Knowledge of cloud technologies (AWS, Azure, GCP), security technologies, and modern software development practices.
- Demonstrated success mentoring junior team members and raising quality standards across a team or program.
- Professional certifications such as CISA, CRISC, CISSP, CISM, ISO 27001 Lead Auditor, ISO 42001 Lead Implementer/Auditor, PCI ISA, or equivalent.
Expected Pay Range:Our compensation reflects the cost of labor across several U.S. geographic markets, and we pay differently based on those defined markets. The U.S. pay range for this position is $113,100 -- $228,575 annually. Pay within this range varies by work location and may also depend on job-related knowledge, skills, and experience. Your recruiter can share more about the specific salary range for the job location during the hiring process.
In California, the pay range for this position is $157,900 - $228,575In New York, the pay range for this position is $157,900 - $228,575In Washington, the pay range for this position is $148,600 - $215,200
At Adobe, for sales roles starting salaries are expressed as total target compensation (TTC = base + commission), and short-term incentives are in the form of sales commission plans. Non-sales roles starting salaries are expressed as base salary and short-term incentives are in the form of the Annual Incentive Plan (AIP).
In addition, certain roles may be eligible for long-term incentives in the form of a new hire equity award.