Information Security Grc Analyst

Who we are:
BigID is an innovative tech startup that focuses on solutions for data security, compliance, privacy, and governance. We're leading the market in all things data: helping our customers reduce risk, drive business innovation, achieve compliance, build customer trust, make better decisions, and get more value from their data.
We are building a global team with a passion for innovation and next-gen technology. BigID has been recognized for being one of CNBC’s Top 25 Startups powering the economy, we're on Built In's 2023 Best Places to Work, #21 on the 2022 Deloitte 500 (most innovative, fastest-growing companies in North America) and we’re on the 2022 Inc 5000.
At BigID, our team is the foundation of our success. Join a people-centric culture that is fast-paced and rewarding: you’ll have the opportunity to work with some of the most talented people in the industry who value innovation, diversity, integrity, and collaboration.
Who we seek:
The GRC Analyst will interface directly with various teams throughout the company and will support security compliance efforts across BigID and its products. This role is a key driver of governance, risk, and compliance efforts, and is responsible for the implementation and maintenance of the organization’s security program. This role is for a GRC Analyst reporting to the Director of GRC.
What you’ll do:

• Cooperate with teams across BigID to identify risks and compliance gaps
• Research methods for evidence collection automation and compliance process enhancements
• Identify improvement opportunities and provide feedback to senior team members and management
• Maintain and optimize BigID’s security awareness training program
• Contribute to the development, implementation, and maintenance of policies, processes, and procedures in coordination with teams across BigID
• Operate and enhance BigID’s risk management processes by conducting risk assessments and developing supporting documentation
• Manage GRC tools implementation and utilization
• Respond to customer and prospect questionnaires, and coordinate with sales staff to further enable their success through customer engagements
• Contribute to the management of BigID’s security compliance program including SOC 2, ISO 27001, and PCI DSS
• Manage multiple concurrent GRC projects, each with varying priority, timelines, and resource requirements

What you’ll bring:

• Excellent organizational, analytical/problem-solving skills
• Ability to work in a fast-paced, rapidly evolving company environment and drive results
• Experience in external or internal security audit/compliance activities
• Bachelor’s Degree or a combination of relevant work experience and professional certifications
• Self-starter, self-motivated, proactive, and able to handle concurrent activities
• Excellent communication, presentation, and interpersonal skills – the ability to communicate across and up the organization including internal communication to gain buy-in on GRC strategy
• Ability to handle complexity and innovation
• 2+ years project management experience
• Strong interpersonal skills
• Experience reviewing third-party due diligence questionnaires and collateral and communicating with customers to support their due diligence needs
• Hands on experience using Atlassian products – Jira and Confluence
• 4+ years experience in an audit, risk management, or GRC role

What’s in it for you?!
Our people are the foundation of our success, and we prioritize offering a wide range of benefits that make our team happier and healthier.

• Equity participation - everyone shares in our success
• Medical, Dental, Vision, 401k - that go into effect your first day
• Flexible work arrangements

Our Values:
We look for people who embody our values - Care, Do, Try & Shine.

• Try - We try our best and we don’t give up
• Care - We care about our customers and each other
• Do - We do what it takes to make a positive impact
• Shine - We shine and make it our mission to always stand out

BigDiversity: We’re committed to creating a culture of inclusion, diversity, and equality – across race, gender, sexuality, disability, and neurodiversity – where innovation and growth thrive, every voice is heard, and everybody belongs.
The annual base salary range is $X – $X. Actual salaries will vary and are based on a candidate’s qualifications, skills, and competencies. Salary is just one component of our Compensation Philosophy. Variable/Bonus Compensation & Equity Incentives align with individual and company performance.
CPRA Employee Privacy Notice: CA