GRC Analyst

Summary

Join OpenSesame's Compliance Team as a GRC Analyst and contribute to maintaining the company's compliance with industry standards and regulatory requirements. You will play a critical role in managing policy documentation, evidence collection, and audit preparation. This role offers opportunities to grow your expertise in compliance and information security within a dynamic and collaborative team. The position is remote-first, based anywhere in the US, with some travel required. OpenSesame offers a competitive salary and a comprehensive benefits package. The company prioritizes pay transparency, fairness, and equity. This is an excellent opportunity to grow your career in a supportive and inclusive environment.

Requirements

Be detail-oriented and proactive

Responsibilities

• Become familiar with OpenSesame’s compliance frameworks, including ISO 27001, SOC 2, and GDPR
• Assist in evidence collection and documentation for ongoing audits using our GRC tool Drata
• Review existing security policies and identify areas for clarification or updates
• Collaborate with cross-functional teams to track and follow up on compliance-related tasks
• Support the completion of security questionnaires for customers
• Assist in vendor risk assessments and documentation management
• Take ownership of monitoring and responding to customer requests in our Trust Center
• Independently manage certain compliance tasks, including policy updates and audit preparations
• Identify and propose improvements to compliance processes and documentation workflows
• Contribute to internal compliance training and awareness initiatives
• Help manage policy documentation
• Help manage evidence collection
• Help manage audit preparation
• Help manage vendor risk assessments
• Help manage customer security inquiries

Benefits

• Health insurance
• 401(k) matching
• Paid time off
• Professional development
• ISOs