Grc Analyst

Summary

Join OpenSesame's Compliance Team as a GRC Analyst in Mexico City! This role involves managing policy documentation, evidence collection, and audit preparation, supporting vendor risk assessments, and handling customer security inquiries. You'll collaborate with cross-functional teams and contribute to process improvements. The ideal candidate is detail-oriented, proactive, and thrives in a security-focused environment. OpenSesame offers a comprehensive benefits package including health insurance, 401(k) matching, and paid time off. This is a remote-first position with occasional travel to the US required. The company values diversity and inclusion and offers competitive compensation.

Requirements

• Become familiar with OpenSesame’s compliance frameworks, including ISO 27001, SOC 2, and GDPR
• Assist in evidence collection and documentation for ongoing audits using our GRC tool Drata
• Review existing security policies and identify areas for clarification or updates
• Collaborate with cross-functional teams to track and follow up on compliance-related tasks
• Support the completion of security questionnaires for customers
• Assist in vendor risk assessments and documentation management
• Take ownership of monitoring and responding to customer requests in our Trust Center
• Independently manage certain compliance tasks, including policy updates and audit preparations
• Identify and propose improvements to compliance processes and documentation workflows
• Contribute to internal compliance training and awareness initiatives
• Legal ability (passport and travel visa) to travel to the US
• Excellent spoken and written English skills
• Reliable, high-bandwidth Internet connectivity

Responsibilities

• Manage policy documentation
• Collect evidence
• Prepare for audits
• Support vendor risk assessments
• Handle customer security inquiries
• Collaborate with cross-functional teams to track and follow up on compliance-related tasks
• Support the completion of security questionnaires for customers
• Assist in vendor risk assessments and documentation management
• Take ownership of monitoring and responding to customer requests in our Trust Center
• Independently manage certain compliance tasks, including policy updates and audit preparations
• Identify and propose improvements to compliance processes and documentation workflows
• Contribute to internal compliance training and awareness initiatives

Benefits

• Health insurance
• 401(k) matching
• Paid time off