GRC Analyst

BigID

πŸ“Remote - Portugal

Summary

Join BigID, a leading data security and privacy tech startup, as a Security GRC Analyst. You will play a key role in safeguarding our platform by driving risk management initiatives, maintaining compliance with standards like SOC 2 and ISO 27001, and collaborating with cross-functional teams. Responsibilities include managing compliance programs, utilizing GRC tools, assessing third-party risk, and contributing to disaster recovery plans. This role requires a Bachelor's degree, 3+ years of relevant experience, and in-depth knowledge of AWS security and compliance standards. BigID offers a people-centric culture, flexible work arrangements, and equity participation, fostering a rewarding and inclusive work environment.

Requirements

  • Bachelor’s Degree in a relevant field or an equivalent combination of education, work experience, and professional certifications
  • 3+ years of experience in a security audit, governance, or risk management role within the tech sector
  • Experience with Confluence, Jira, and GRC tools like Anecdotes
  • In-depth knowledge of AWS security best practices and services (e.g., AWS Certified Security Specialty)
  • Familiarity with managing compliance for standards such as ISO 27001, SOC 2, HIPAA, PCI, and experience in supporting external audits
  • Knowledge of regulatory frameworks like GDPR, CCPA, or other regional standards
  • Proven ability to lead and manage projects, with strong organizational, analytical, and problem-solving skills
  • Strong interpersonal skills with the ability to communicate effectively across teams and levels, driving alignment on security strategies
  • Ability to thrive in a fast-paced, dynamic environment while delivering results and meeting deadlines
  • Experience working in a global environment, understanding diverse regulatory and security requirements

Responsibilities

  • Help maintain and improve security compliance and risk management documentation including policies, standards, and processes
  • Help manage compliance programs for key certifications such as ISO 27001, SOC 2, HIPAA, PCI, and support external audits to maintain security certifications
  • Collaborate on building and managing security and privacy risk management programs
  • Support the use and optimization of Governance, Risk & Compliance (GRC) tools such as Anecdotes, Confluence, and Jira to drive effective security governance
  • Assist in enforcing security policies and procedures based on industry standards, ensuring compliance across teams
  • Assess and manage third-party risk for new and existing vendors to ensure their compliance with BigID’s security standards
  • Assist in responding to customer security questionnaires, ensuring clarity and confidence in our security posture
  • Work closely with various teams (engineering, legal, operations) to ensure understanding of control activities, provide training, and share security best practices across the organization
  • Contribute to the development and continuous improvement of disaster recovery and business continuity plans
  • Help track and report on metrics and KPIs to measure the effectiveness of security and risk management programs

Benefits

  • Equity participation - everyone shares in our success
  • Flexible work arrangements
  • Other compulsory benefits based on country of residence
This job is filled or no longer available
