Senior Staff Analyst, GRC

📋 Description

• Governance: develop and maintain a GRC strategy and roadmap.
• Risk mgmt: implement periodic risk assessments and scorecards.
• Compliance: ensure ISO, NIST, SOC2, GDPR/CCPA compliance and audits.
• Partner with Legal, IT, Finance and Security to align the GRC program.
• Lead data lifecycle reporting across enterprise and product domains.

🎯 Requirements

• 10+ years delivering integrated GRC frameworks.
• Deep knowledge of ISO, NIST, SOC2, GDPR, CCPA.
• Leading cross-functional product and enterprise controls.
• Certifications: CISA, CISSP, CISM, CRISC.
• Hands-on with SIEM and BI tools.
• Develop RCA and remediation plans with stakeholders.
• Strong critical thinking and bias for action.

🎁 Benefits

• Generous performance-based bonus plans.
• Rich medical, dental, and vision coverage.
• 100% immediate vesting retirement contributions.
• Quarterly wellness days and a birthday off.
• Home office stipend.
• Annual professional development budget.