Application Guide

How to Apply for GRC Manager at Uplight

🏢 About Uplight

Uplight is at the forefront of the clean energy transition, creating a new category of energy management software that orchestrates distributed energy resources like smart thermostats, EVs, and solar panels to balance the grid. Their mission to accelerate clean energy through personalized experiences with leading utilities makes them a purpose-driven innovator in sustainability.

About This Role

As GRC Manager, you will design and implement governance, risk, and compliance frameworks to protect Uplight's operations in the energy sector. This role is impactful because you'll ensure secure and compliant handling of sensitive energy data while enabling the company's growth in a regulated industry.

💡 A Day in the Life

Your day might start with a stand-up with the security team to review risk register updates, followed by a meeting with product managers to assess compliance impacts of a new feature. After lunch, you'd analyze a new regulatory requirement and draft a policy, then end the day preparing for an upcoming SOC 2 surveillance audit.

🎯 Who Uplight Is Looking For

  • Experienced in GRC within energy, utilities, or SaaS, with a track record of building compliance programs for SOC 2, ISO 27001, or NIST frameworks.
  • Skilled in risk assessment and mitigation, particularly around data privacy (GDPR, CCPA) and critical infrastructure security.
  • A strong communicator who can translate complex regulatory requirements into actionable policies for engineering and product teams.
  • Proactive and adaptable, able to navigate the fast-paced remote startup environment while managing multiple compliance initiatives.

📝 Tips for Applying to Uplight

1 Highlight specific experience with energy-sector regulations like NERC CIP or FERC standards, as Uplight works with utilities.
2 Quantify your impact: e.g., 'Reduced audit findings by 40% through implementing a risk-based control framework.'
3 Show familiarity with Uplight's product—mention how GRC supports their DER management platform or customer energy data.
4 Tailor your resume to emphasize remote collaboration tools and distributed team experience, as this role is fully remote.
5 Include a brief note on your passion for clean energy and sustainability—Uplight values mission alignment.

✉️ What to Emphasize in Your Cover Letter

Emphasize your experience with compliance frameworks (SOC 2, ISO 27001) and how you've managed risk in a regulated tech environment. Highlight your ability to work cross-functionally with engineering and legal teams. Express genuine interest in Uplight's mission to decarbonize the grid. Mention any direct experience with utility partners or energy data privacy.

🔍 Research Before Applying

To stand out, do the following research before you apply:

  • Review Uplight's website and blog to understand their product suite (e.g., Uplight's DERMS, customer engagement platform).
  • Read about their partnerships with major utilities (e.g., Duke Energy, National Grid) to grasp their market position.
  • Look into recent news or press releases about Uplight's funding, acquisitions, or regulatory developments.
  • Study the regulatory landscape for distributed energy resources (DERs) and how GRC applies to virtual power plants.

💬 Prepare for These Interview Topics

Based on this role, you may be asked about:

1 How would you design a GRC program for a SaaS company handling utility customer data?
2 Describe a time you managed a compliance audit (e.g., SOC 2) and how you addressed a critical finding.
3 How do you stay current with evolving energy regulations (e.g., FERC, state-level clean energy mandates)?
4 Walk me through a risk assessment framework you've used for a cloud-based product.
5 How would you balance security requirements with product velocity in a startup environment?

⚠️ Common Mistakes to Avoid

  • Don't submit a generic GRC resume without tailoring to energy/utilities—show specific sector knowledge.
  • Avoid focusing solely on technical security controls; emphasize governance and compliance program management.
  • Don't overlook the remote aspect—ensure your application addresses how you thrive in a distributed team.

📅 Application Timeline

This position is open until filled. However, we recommend applying as soon as possible as roles at mission-driven organizations tend to fill quickly.

Typical hiring timeline:

1 Application Review: 1-2 weeks
2 Initial Screening: Phone call or written assessment
3 Interviews: 1-2 rounds, usually virtual
4 Offer: Congratulations!

Ready to Apply?

Good luck with your application to Uplight!