Director, Governance, Risk, and Compliance (GRC)

About Riot Platforms

Riot’s (NASDAQ: RIOT) vision is to be the world’s most trusted platform for powering and building digital infrastructure. Riot’s mission is to empower the future of digital infrastructure by positively impacting the sectors, networks, and communities that we touch. We believe that the combination of an innovative spirit and strong community partnership allows us to achieve best-in-class execution and create successful outcomes.

Who we are

At Riot, we’re building the future of digital infrastructure. Our team members have unparalleled opportunities to work on groundbreaking initiatives. Through technical excellence and strategic execution, Riot has positioned itself as a leader in the industry driving advancements that continue to set new benchmarks in digital infrastructure. 

We are trailblazers. Problem solvers. People who thrive in fast paced environments, communicate clearly, and bring relentless focus to efficiency and execution.

About the role

We’re looking for a Director, Governance, Risk, and Compliance (GRC) to build and lead Riot’s enterprise compliance operating system across Platform Operations. This role goes beyond traditional compliance—you’ll design scalable, audit-ready systems that embed risk and control into how we operate.

You’ll create a unified controls environment aligned to frameworks like ISO 27001, SOC 2, and NIST, establish a single source of truth for asset data, and deliver a high-quality evidence program that enables fast, consistent audit responses for customers and stakeholders.

What You’ll Do

• Define and execute Riot’s enterprise GRC roadmap and controls architecture
• Own and lead the ISO 27001 program, including certification and continuous audit readiness
• Build and maintain a high-integrity asset governance model (≥99% data accuracy)
• Stand up a scalable controls monitoring and testing framework (CMF)
• Design risk-based policy and exception workflows with clear audit trails
• Establish information governance and evidence management practices
• Lead GRC tooling strategy (e.g., Archer, Enablon) and deliver executive dashboards
• Partner with operations teams to embed compliance into change management, incidents, and SLAs

• 10+ years in GRC / risk / compliance in complex infrastructure environments (e.g., data centers, cloud, large-scale ops)
• Experience building compliance programs from the ground up
• Deep knowledge of ISO 27001 and audit/evidence practices
• Strong understanding of asset governance and data quality controls
• Proven ability to build scalable systems, workflows, and reporting—not just policies

• ISO certifications (e.g., ISO 27001 Lead Auditor)
• Experience with control testing at scale and GRC platforms (Archer, Enablon)
• Familiarity with tools like Power BI, Power Platform, or SharePoint

Compensation and Benefits 

• Competitive Salary: Base range (commensurate with experience) + bonus + sign-on equity grant. 

• Long-Term Growth: Eligible to participate in Riot’s equity incentive programs and share in the success you help build. 

• 401(k) Retirement Plan: Incudes a generous company match. 

• Comprehensive Health Coverage: Multiple medical plan options, including 100% company-paid plans. 

• Wellness & Lifestyle Perks: Enjoy free gym memberships, pet insurance, childcare discounts, and more to support your life both in and out of work. 

Riot is an equal opportunity employer. We are committed to creating an inclusive environment for all employees.