Governance, Risk, and Compliance Analyst

Summary

Join Mixpanel's growing security team as a Governance, Risk, and Compliance Analyst. You will lead security assessments and audits, manage compliance, respond to customer inquiries, and conduct risk assessments. The role requires 3+ years of experience in GRC, familiarity with relevant frameworks (SOC 2, ISO 27001, etc.), and strong communication skills. Mixpanel offers a competitive salary, equity, and comprehensive benefits including medical, vision, dental, mental wellness benefits, generous vacation, enhanced parental leave, and more. This position is crucial for ensuring Mixpanel's security and compliance objectives are met. The ideal candidate will be a proactive leader with a strong bias for action and the ability to manage multiple priorities in a fast-paced environment.

Requirements

• 3+ years of experience in a Governance, Risk and Compliance role, preferably in the technology industry
• Familiarity with compliance and risk management frameworks, such as SOC 2, ISO 27001, ISO 27701, SOX, HITRUST, etc
• Strong bias for action; ability to juggle multiple priorities and create a sense of urgency in a fast-paced, dynamic environment
• Strong understanding of Business Continuity and Disaster Recovery principles
• Excellent communication and analytical skills

Responsibilities

• Lead security assessments and audits and monitor and manage compliance of implemented enterprise information security controls
• Respond to customer security inquiries. Serve as a company representative with prospects, customers, and partners by assisting with completing security questionnaires, assessments and audits
• Lead periodic internal risk assessments based on changes to business, technology or threat landscape
• Evaluate and manage third-party risk and work with vendors to remediate identified risks
• Ensure that company policies are up to date, recorded, tracked and disseminated to the entire company
• Coordinate periodic disaster recovery / business continuity testing and training
• Build content for employee security awareness and conduct new hire and on-going training
• Develop, maintain and report against security control KPIs

Preferred Qualifications

• Strong understanding of cloud security principles
• Industry standard certification such as CISA, CISM or other related certification
• Experience with GRC tools such as ZenGRC, Vanta, etc
• Project management experience
• Experience with third-party risk management tools such as Panorays or Bit Sight

Benefits

• Comprehensive Medical, Vision, and Dental Care
• Mental Wellness Benefit
• Generous Vacation Policy & Additional Company Holidays
• Enhanced Parental Leave
• Volunteer Time Off
• Pre-Tax Benefits including 401(K), Wellness Benefit, Holiday Break
• Equity consideration