About this role
We are looking for a GRC Senior Analyst to own and scale our Governance, Risk, and Compliance function within a fast-growing product company. This is a key role responsible for ensuring compliance with SOX, ISO 27001, and GDPR, while enabling the business to move fast in a secure and controlled way.
You will act as the main driver of our compliance strategy, working cross-functionally with Engineering, Security, Legal, Finance, and Product teams.
• Own and lead the company’s GRC implementation across ISO 27001 and GDPR.
• Build and manage the Information Security Management System (ISMS) aligned with ISO 27001.
• Ensure GDPR compliance across all data processing activities, including data mapping, data leaks, and encryptions.
• Act as the primary point of contact for auditors and prepare the company for ISO audits.
• Identify compliance gaps and drive remediation plans with technical and non-technical teams.
• Develop governance policies, procedures, and risk management frameworks.
• Partner closely with Engineering and Security teams to embed controls into systems and SDLC processes.
• Monitor regulatory and compliance changes and translate them into actionable requirements.

• 8+ years of experience in GRC, Risk, Compliance, or IT Audit roles.
• 5+ years of strong hands-on experience with ISO 27001 and experience managing or supporting ISMS implementation.
• 3+ years of practical experience with GDPR data mapping, reviewing systems from the tech side.
• 5+ years of experience from a product tech company with global client reach in the US & EU (companies above 100 people).
• Experience working with internal and external auditors.
• Very strong stakeholder management and communication skills across technical and non-technical teams.
• Fluent English.

• Familiarity with cloud environments (AWS, GCP, Azure).
• Security certifications (CISA, CISM, ISO 27001 Lead Implementer/Auditor).
• Other security experience.
Tech stack
AWS, GCP, Azure
About jobandtalent
jobandtalent is hiring for the HQ - GRC Senior Analyst role. NewJob aggregates active openings directly from jobandtalent's applicant tracking system, so this listing is current.