[Remote] GRC Analyst
Note: This is a remote job open to candidates in the USA. Vercel is an infrastructure company that enables developers to ship products efficiently. The GRC Analyst will manage and maintain compliance with various security and privacy frameworks, collaborating with teams to promote accountability and integrity within the organization.
Responsibilities
- Collaborate with internal teams to maintain an effective suite of internal controls and drive remediation efforts to completion with clear documentation of progress
- Build strong working relationships across the business so compliance accountability is shared and stakeholders are informed
- Streamline annual audits by managing audit deliverables, developing treatment plans, and coordinating across teams to document and track completion to ensure audit success
- Monitor and improve controls, processes, and evidence management practices, identify opportunities to automate and streamline GRC operations, and contribute to controls maturity scoring and reporting
- Enable go-to-market teams and accelerate deal cycles by supporting security questionnaires, addressing compliance inquiries, and maintaining clear, customer-facing documentation on Vercel’s security and compliance posture
- Design and manage company training and enhance visibility on compliance-specific topics for internal stakeholders to ensure an understanding of compliance, ethics, and regulatory requirements within the organization
Skills
- At least 3 years of relevant experience in supporting the audit lifecycle in a cloud-centric environment (SOC 2, ISO 27001, PCI, HIPAA, etc.)
- Strong organizational skills to be flexible and proactive in a high-growth, start-up environment
- Experience collaborating closely with internal partners to seamlessly incorporate policies and technical controls into the SDLC
- Strong project management skills and sense of ownership with the ability to communicate and collaborate effectively
- Ability to execute projects across various business units and levels
- Strong experience with cloud infrastructure (e.g., Azure, AWS)
- Familiarity with compliance or software development tools and systems (e.g., Drata, Linear, Datadog)
- Experience with frontend development and open source components
- Relevant industry certifications (e.g., CISM, CISSP, CCEP) are a plus, but not required
Benefits
- Competitive compensation package, including equity.
- Inclusive Healthcare Package.
- Learn and Grow - we provide mentorship and send you to events that help you build your network and skills.
- Flexible Time Off.
- We will provide you the gear you need to do your role, and a WFH budget for you to outfit your space as needed.
Company Overview