Senior Staff Analyst, GRC

📋 Description

• Governance: develop and maintain a GRC strategy and roadmap.
• Lead standards, policies, controls, audits, and reporting.
• Risk Mgmt: implement risk assessments and scorecards.
• Compliance: ensure ISO, NIST, SOC2, GDPR, CCPA compliance.
• Partner with Legal/IT/Finance/Security to align the GRC program.
• Drive data lifecycle reporting with data platform and legal teams.

🎯 Requirements

• 10+ years delivering an integrated GRC program.
• In-depth knowledge of ISO, NIST, SOC2, GDPR, CCPA.
• Experience delivering cross-functional product and enterprise controls.
• Certifications: CISA, CISSP, CISM, CRISC.
• Hands-on with SIEM and BI tools.
• Ability to perform root cause analysis and remediation.
• Strong stakeholder collaboration and change leadership.

🎁 Benefits

• Generous performance-based bonus.
• Medical, dental, and vision coverage.
• Immediate vesting retirement contributions.
• Quarterly wellness days for all employees.
• Home office stipend.
• Annual professional development budget.