Career Opportunities in the True Portfolio

Senior Governance, Risk, & Compliance (GRC) Analyst [TEMP]



IT, Legal
United States · Remote
Posted on Friday, May 17, 2024
StrongDM lives by a very simple principle: Put People First.
That means we do the right things by our colleagues, employees and customers. It also means developing products and solutions that improve the lives of our customers. Our commitment to People First is one of the reasons our year-over-year customer retention rate is an industry-leading 98%. Once a customer, forever a fan. That's our goal.
When you work at StrongDM, you work with people who care, technology that works, and customers who are obsessed with both the product and the support they receive.
If you ask any employee of StrongDM, you’ll find that our values truly are our guiding principles in everything we do–from how we make decisions to how we treat each other. That’s because these values represent the foundation for our culture and who we are as a company. It sounds cliche, we know. But trust us—we’re onto something good. G2 can confirm. ✔️
1. We embrace the mission
2. We pursue mastery
3. We are people first
4. We are smarter together
These are the values we seek to cultivate as an organization. They inform not just how we behave as individuals and teams, but also the unspoken traits of the candidates we hire and perspectives we take when helping and supporting customers. Speaking of candidates, we’re so glad you’re here! If this sounds like an environment you’d thrive in, read on.
Do you ponder the intricacies of business risk and... contingency planning? Do you love working on audit programs that underpin B2B service platforms? Does thinking of global data privacy laws make your mind tick (in a good way)? Then step right up and keep StrongDM's risk posture low and plans for disaster comprehensive. We need a Senior Governance, Risk, & Compliance Analyst who will take the programs we have and grow them into holistic, cross-functional, smoothly operating machines of wonder and excitement. Okay, that might be stretching it a little bit, but you get the idea.

What You’ll Do:

  • Manage the weekly/monthly/quarterly operations for our enterprise risk management program
  • Run our annual SOC 2 Type 2 audits with our external auditor, and get us ready for a PCI audit that will run at the same time
  • Provide support to our Sales/GTM teams to help close deals quickly and efficiently
  • Implement processes in support of our global data privacy program
  • Conduct vendor risk assessments for new and renewing vendors, and raise any identified concerns with leadership
  • Develop business-level contingency plans with executive leadership
  • Partner with the Engineering Department to improve our technology-level contingency planning policies to meet our current risk tolerance levels
  • Team up with the rest of the Trust Department to educate your fellow employees on current security threats, and how we perform risk management (especially around vendors)

Baseline Expectations:

  • You know how to read an independent audit report, dig into findings, and ask tough questions on remediation efforts
  • You understand that a good contingency planning program is more than just “we operate in two data centers”
  • Previous experience with any SaaS-based GRC tool is a major plus
  • You enjoy (okay, tolerate with a smile) documenting processes, policies, and training materials to support the team
  • Have a “Yes, and…” attitude, be willing to own failure, and speak up when you see room for improvement
  • Experience working at a high-growth startup with a culture of incredible customer support
  • Alphabet soup of certs you may have, but are in no way required to: CISA, CRISC, CIPP, CIPT, EDRP