synthesia - GRC Analyst
Upload My Resume
Drop here or click to browse · Tap to choose · PDF, DOCX, DOC, RTF, TXT
Requirements
• You will work closely with Engineering, DevOps/Platform, Security, Legal, and customer-facing teams to keep us audit-ready, reduce risk in practical ways, and support the next wave of compliance efforts (for example ISO 22301, and longer-term options like HITRUST and FedRAMP). • You don’t need to be a compliance expert, but if you have a solid background in security, are eager to learn, and are ready to be bold and take ownership, this role offers a great opportunity to grow quickly and actually have a real impact in a hypergrowth AI unicorn. • Have direct experience with ISO 27001, SOC 2, ISO 42001, or ISO 27701, or have worked in ISO 22301, HITRUST, or FedRAMP environments. • Have used GRC tooling such as Vanta, Drata, or OneTrust. • Have built lightweight automation to reduce compliance toil. • Have worked in a fast-growing SaaS company and supported an external audit.
Responsibilities
• GRC Program Ownership • Own and continuously improve our GRC program across ISO 27001, SOC 2, ISO 27701, and ISO 42001, including control mapping and evidence expectations. • Partner with control owners to make compliance repeatable and low-friction - evidence as a habit, not a scramble. • Drive audit readiness: artifacts, timelines, action tracking, and clear control demonstration. • Improve policies, standards, and procedures so they reflect how we actually operate. • Technical-to-Compliance Translation • Build strong working relationships with DevOps/Platform and engineering teams. • Evaluate technical implementations - branch protection, CI/CD, Kubernetes, cloud architecture, monitoring - well enough to ask good questions and validate evidence. • Translate technical reality into clear audit narratives without losing accuracy. • Risk Management • Contribute to risk identification and assessment across technical, operational, and vendor domains. • Maintain risk registers and track mitigations to closure. • Support leadership reporting by surfacing themes and trends that lead to real decisions. • Growth into Future Certifications • Evaluate and prepare for ISO 22301, and potentially HITRUST and FedRAMP as business needs evolve. • Identify gaps early and propose pragmatic roadmaps that engineering teams can execute. • WE'D LOVE TO HEAR FROM YOU IF YOU: • Have a hands-on technical background (engineering, DevOps/SRE, IT management, or similar) and understand how cloud environments work, especially AWS. • Can follow technical conversations well beyond what a traditional auditor can - you understand how the sausage is made. • Have experience supporting audit cycles and know what good evidence looks like. • Are organised, proactive, and can drive multiple workstreams independently - with clear, thoughtful communication across both technical and business audiences. • Have technical aptitude: comfortable writing a simple script when needed, and experienced using AI and LLM tools in your work.
Benefits
• We’re living the golden age of AI. The next decade will yield the next iconic companies, and we dare to say we have what it takes to become one. Here’s why, • At Synthesia we’re passionate about building, not talking, planning or politicising. We strive to hire the smartest, kindest and most unrelenting people and let them do their best work without distractions. Our work principles serve as our charter for how we make decisions, give feedback and structure our work to empower everyone to go as fast as possible. You can find out more about these principles here. https://www.notion.so/How-we-work-at-Synthesia-f794caa72f8446efb6be22b551ce0fa2?pvs=21 • SERVING 50,000+ CUSTOMERS (AND 50% OF THE FORTUNE 500) • We’re trusted by leading brands such as Heineken, Zoom, Xerox, McDonald’s and more. Read stories from happy customers https://www.synthesia.io/case-studies and what 1,200+ people say on G2 https://www.g2.com/products/synthesia/reviews#reviews. • PROPRIETARY AI TECHNOLOGY • Since 2017, we’ve been pioneering advancements in Generative AI. Our AI technology is built in-house, by a team of world-class AI researchers and engineers. Learn more about our AI Research Lab and the team behind. https://www.synthesia.io/research • AI SAFETY, ETHICS AND SECURITY • AI safety, ethics, and security are fundamental to our mission. While the full scope of Artificial Intelligence's impact on our society is still unfolding, our position is clear: People first. Always. Learn more about our commitments to AI Ethics, Safety & Security https://www.synthesia.io/ethics. • THE HIRING PROCESS: • 1. 30-40min call with our Technical Recruiter • 2. 60mins call with the Hiring Manager about your past projects • 3. Take-Home Assignment • 4. 90mins Debrief with the Hiring Manager and our Head of Security • OTHER IMPORTANT INFO: • This is a remote role from the UK OR an EU country • This is full-time employment only - no contractors possible • You can view our benefits here https://synthesia.notion.site/Benefits-262c16d22bf181b28b68d963d0ec706b
Similar Jobs
No credit card. Takes 10 seconds.