Governance, Risk, and Compliance Analyst

Summary

Join Wiz, a rapidly growing cloud security company, as a Governance, Risk, and Compliance Analyst. You will report to the Manager, Governance, Risk, & Compliance and collaborate with various teams to design and update policies, improve processes, and ensure compliance. Responsibilities include designing controls, conducting audits, assisting with third-party risk management, and staying updated on security and regulatory trends. This role requires 3+ years of experience in GRC, knowledge of industry frameworks (ISO 27001, SOC 2, etc.), and strong collaboration skills. The ideal candidate will have experience with international compliance and pursuing new certifications. Compensation includes a competitive salary and potential restricted stock units; additional benefits are detailed on the company's careers page.

Requirements

• 3+ years of experience in one or more of the Governance, Risk, and Compliance domains
• Passion for security and keeping Wiz safe
• Ability to collaborate with technical and non-technical teams alike to further oversight responsibilities of Security
• Deep knowledge of one or more industry frameworks such as ISO 27001, ISO 27017, SOC 2, PCI DSS, NIST CSF, etc. and baseline knowledge of others
• Ability to assist with security compliance assessments to ensure compliance with internal and external requirements (ISO, NIST, CIS, etc.)
• Experience working in a fast-paced tech environment both independently, and collaboratively within a team environment
• Ability to build strong relationships across teams and functions in a global workplace

Responsibilities

• Design and update policies, procedures, and controls to drive confidentiality, integrity, and availability across the Wiz environment
• Continuously improve processes, tools, and procedures for audit and compliance management
• Collaborate and work cross-functionally across the company to address governance and compliance needs and to support the Wiz Control Framework, partnering with Engineering, Product, Sales, Legal, HR, and other teams
• Proactively improvement control design and performance to address a changing risk landscape
• Deliver timely audits through working with internal and external auditors
• Help customer-facing teams respond to information security requirements and questionnaires
• Assist with third party risk management reviews, assessing vendor’s security, compliance, and privacy posture
• Participate in team project management, including documentation, project planning, task management, and prioritization
• Participate in recurring annual core audits (e.g., SOC 2, ISO, PCI)
• Maintain awareness of security and regulatory trends, perform research and analysis on new certifications, and help Wiz pursue new international compliance initiatives
• Collaborate with Security leadership to define roadmap and prioritization for Governance and Compliance initiatives

Preferred Qualifications

• Experience with international compliance regulations specifically in the APJ and EMEA regions
• Experience pursuing net new compliance certifications and initiatives
• Experience working in a SaaS/tech environment

Benefits

• Pay Range: USD $98,500 - $135,500
• Restricted stock units