Information Security GRC Analyst
Who we are:
BigID is an innovative tech startup that focuses on solutions for data security, compliance, privacy, and governance. We're leading the market in all things data: helping our customers reduce risk, drive business innovation, achieve compliance, build customer trust, make better decisions, and get more value from their data.
We are building a global team with a passion for innovation and next-gen technology. BigID has been recognized as one of CNBC’s Top 25 Startups powering the economy, is on Built In's 2023 Best Places to Work, is #21 on the 2022 Deloitte 500 (most innovative, fastest-growing companies in North America), and is on the 2022 Inc 5000.
At BigID, our team is the foundation of our success. Join a people-centric culture that is fast-paced and rewarding: you’ll have the opportunity to work with some of the most talented people in the industry who value innovation, diversity, integrity, and collaboration.
Who we seek:
The GRC Analyst will interface directly with various teams throughout the company and will support security compliance efforts across BigID and its products. This role is a key driver of governance, risk, and compliance efforts, and is responsible for the implementation and maintenance of the organization’s security program. This role is for a GRC Analyst reporting to the Director of GRC.
What you’ll do:
- Contribute to the development, implementation, and maintenance of policies, processes, and procedures in coordination with teams across BigID
- Manage multiple concurrent GRC projects, each with varying priority, timelines, and resource requirements
- Operate and enhance BigID’s risk management processes by conducting risk assessments and developing supporting documentation
- Cooperate with teams across BigID to identify risks and compliance gaps
- Maintain and optimize BigID’s security awareness training program
- Contribute to the management of BigID’s security compliance program including SOC 2, ISO 27001, and PCI DSS
- Identify improvement opportunities and provide feedback to senior team members and management
- Manage GRC tools implementation and utilization
- Research methods for evidence collection automation and compliance process enhancements
- Respond to customer and prospect questionnaires, and coordinate with sales staff to further enable their success through customer engagements
What you’ll bring:
- Bachelor’s Degree or a combination of relevant work experience and professional certifications
- Experience in external or internal security audit/compliance activities
- 4+ years of experience in an audit, risk management, or GRC role
- 2+ years of project management experience
- Hands-on experience using Atlassian products – Jira and Confluence
- Experience reviewing third-party due diligence questionnaires and collateral and communicating with customers to support their due diligence needs
- Strong interpersonal skills
- Ability to handle complexity and innovation
- Self-starter, self-motivated, proactive, and able to handle concurrent activities
- Excellent organizational, analytical/problem-solving skills
- Ability to work in a fast-paced, rapidly evolving company environment and drive results
- Excellent communication, presentation, and interpersonal skills – the ability to communicate across and up the organization including internal communication to gain buy-in on GRC strategy
What’s in it for you?!
Our people are the foundation of our success, and we prioritize offering a wide range of benefits that make our team happier and healthier.
- Equity participation - everyone shares in our success
- Flexible work arrangements
- Medical, Dental, Vision, 401k - that go into effect your first day
We look for people who embody our values - Care, Do, Try & Shine.
- Care - We care about our customers and each other
- Do - We do what it takes to make a positive impact
- Try - We try our best and we don’t give up
- Shine - We shine and make it our mission to always stand out
BigDiversity: We’re committed to creating a culture of inclusion, diversity, and equality – across race, gender, sexuality, disability, and neurodiversity – where innovation and growth thrive, every voice is heard, and everybody belongs.
The annual base salary range is $90,000 – $100,000. Actual salaries will vary and are based on a candidate’s qualifications, skills, and competencies. Salary is just one component of our Compensation Philosophy. Variable/Bonus Compensation & Equity Incentives align with individual and company performance.