Vercel - Staff GRC Analyst
Responsibilities
• Own and scale commercial attestation program and audits (e.g., SOC 2, ISO 27001, PCI DSS) while maintaining alignment with business objectives and market demand.
• Design and strengthen continuous monitoring processes to improve control effectiveness and mature control implementation from audit-ready to always-ready.
• Drive evolution of security and compliance control frameworks that set the direction for proactive risk management.
• Partner with cross-functional stakeholders, acting as a strategic connector to plan, implement, maintain & remediate control activities and supporting requirements (e.g., policies, standards, processes, system configurations).
• Champion a culture of compliance accountability and business-enablement across the organization through autonomous program governance and reporting and building trusted relationships.
• Experience managing and running audits, certification programs and enterprise control assessments, including scope planning, defining requirements, policy and standards development, and control testing
• Deep knowledge of audit processes, evidence requirements, and remediation lifecycle management for security and compliance frameworks (i.e., SOC 2, ISO 27001, PCI DSS)
• Proven experience owning large-scale GRC programs, collaborating with technical and non-technical teams and driving initiatives to completion
Bonus if you have:
• Familiarity with data governance, compliance or software development tools and systems (e.g., Drata, Linear, GitHub)
• Experience supporting cloud, AI-native, and open source development environments and systems
• Experience with FedRAMP or NIST frameworks, such as 800-53, AI RMF
• Security certifications (e.g., CISA, CISSP)
Benefits
• Competitive compensation package, including equity.
• Inclusive Healthcare Package.
• Learn and Grow - we provide mentorship and send you to events that help you build your network and skills.
• Flexible Time Off.
• We will provide you the gear you need to do your role, and a WFH budget for you to outfit your space as needed.
• The San Francisco, CA base pay range for this role is $180,000.00 - $270,000.00. Actual salary will be based on job-related skills, experience, and location. Compensation outside of San Francisco may be adjusted based on employee location. The total compensation package may include benefits, equity-based compensation, and eligibility for a company bonus or variable pay program depending on the role. Your recruiter can share more details during the hiring process.
• Vercel is committed to fostering and empowering an inclusive community within our organization. We do not discriminate on the basis of race, religion, color, gender expression or identity, sexual orientation, national origin, citizenship, age, marital status, veteran status, disability status, or any other characteristic protected by law. Vercel encourages everyone to apply for our available positions, even if they don't necessarily check every box on the job description.