TopUSAJobs.com
This listing was posted on TopUSAJobs.
Senior Analyst, Governance, Risk and Compliance (Denver, Los Angeles and/or
Location:
Los Angeles, CA
Description:
Who You Are:The Senior Analyst, Governance, Risk, and Compliance (GRC) is a key member of the Information Security team responsible for managing, monitoring, and advancing Formstack's compliance with various security and privacy regulations and frameworks. This individual will play a pivotal role in ensuring that Formstack's operations, products, and services are compliant with industry standards while helping to mitigate risks and support governance initiatives.What You Will Do: Lead and manage Formstack's compliance initiatives related to regulations such as HIPAA, SOC 2, GDPR, ISO 27001, PCI-DSS, CCPA, and others. Collaborate with internal teams (product, legal, IT, and engineering) to develop, implement, and maintain Formstack's security policies, controls, and procedures. Perform risk assessments and conduct security audits across departments to ensure compliance with regulatory and industry standards. Assist in the preparation and facilitation of external audits and certifications (e.g., SOC 2 audits, ISO 27001 certification processes). Maintain and enhance Formstack's risk management framework, including the identification, assessment, and mitigation of operational, legal, and regulatory risks. Monitor security compliance trends, changes in regulatory requirements, and new compliance frameworks relevant to Formstack's operations. Develop, maintain, and update internal documentation, including security policies, standards, and guidelines, to ensure they reflect current regulatory requirements and best practices. Manage the vendor risk management program, including the review and monitoring of vendor compliance with Formstack's security standards. Support security awareness training programs across the organization to ensure that all employees are knowledgeable about GRC policies. Provide guidance on governance initiatives and best practices to help improve organizational alignment with compliance and risk management standards. Ensure incident response plans and business continuity plans are up to date and regularly tested through internal tabletops. Collaborate on data privacy initiatives and ensure that Formstack's practices align with privacy regulations like GDPR and CCPA. Act as a liaison between external regulatory bodies, auditors, and internal teams.What We Are Looking For: 5+ years of experience in Governance, Risk, and Compliance (GRC) or a related field, ideally within a SaaS, technology, or healthcare-related environment. Strong knowledge of industry standards and frameworks, including NIST, SOC 2, or ISO 27001. Demonstrated experience conducting risk assessments, security audits, and managing compliance projects. Hands-on experience with cloud security and compliance in environments like AWS. Strong understanding of cybersecurity principles. Experience with third-party vendor risk management and compliance monitoring. Excellent written and verbal communication skills, with the ability to translate complex regulatory requirements into actionable guidance. Ability to work cross-functionally with legal, IT, and engineering teams. Strong organizational skills, attention to detail, and the ability to manage multiple projects in a fast-paced environment.Bonus Points: Bachelor's degree in a relevant field (e.g., Information Security, IT, Business, Law, Engineering). Certifications such as CISSP, CISA, CISM, or CRISC. Familiarity with frameworks such as COBIT or ISO 31000. Experience in the technology or SaaS industry, with a focus on product compliance. Knowledge of secure software development practices and DevSecOps. Experience working in an agile or DevOps environment.Salary: $140,000 - $180,000 a year #J-18808-Ljbffr
Company:
Formstack
Posted:
October 18 on TopUSAJobs
Visit Our Partner Website
This listing was posted on another website. Click here to open: Go to TopUSAJobs
Important Safety Tips
- Always meet the employer in person.
- Avoid sharing sensitive personal and financial information.
- Avoid employment offers that require a deposit or investment.
To learn more, visit the Safety Center or click here to report this listing.
More About this Listing: Senior Analyst, Governance, Risk and Compliance (Denver, Los Angeles and/or
Senior Analyst, Governance, Risk and Compliance (Denver, Los Angeles and/or is a Other Jobs Analyst Job at Formstack located in Los Angeles CA. Find other listings like Senior Analyst, Governance, Risk and Compliance (Denver, Los Angeles and/or by searching Oodle for Other Jobs Analyst Jobs.
Senior Analyst, Governance, Risk and Compliance (Denver, Los Angeles and/or is a Other Jobs Analyst Job at Formstack located in Los Angeles CA. Find other listings like Senior Analyst, Governance, Risk and Compliance (Denver, Los Angeles and/or by searching Oodle for Other Jobs Analyst Jobs.