Job description
TL;DR
GRC Analyst (Cybersecurity): Managing and maintaining security and privacy frameworks like ISO 27001, SOC 2, HIPAA, and PCI DSS to ensure ethical and regulatory compliance, with an emphasis on audit lifecycle management and internal controls. Focus on streamlining annual audits, automating GRC operations, and supporting go-to-market teams through security questionnaires.
Location: Remote, Onsite, or Hybrid. If based within commuting distance of SF, NY, London, or Berlin, in-office anchor days (Monday, Tuesday, and Friday) are required.
Salary: $134,000 – $202,000 (SF base pay)
Company
Vercel is an agentic infrastructure company and the creator of Next.js, v0, and AI SDK, providing platforms for developers and AI agents to ship products at scale.
What you will do
- Collaborate with internal teams to maintain a suite of internal controls and drive remediation efforts.
- Build cross-functional relationships to ensure compliance accountability is shared across the business.
- Manage audit deliverables, develop treatment plans, and coordinate teams to ensure annual audit success.
- Monitor and improve evidence management practices and identify opportunities to automate GRC operations.
- Accelerate deal cycles by supporting security questionnaires and maintaining customer-facing security documentation.
- Design and manage company-wide training on compliance, ethics, and regulatory requirements.
Requirements
- At least 3 years of experience supporting the audit lifecycle in a cloud-centric environment (SOC 2, ISO 27001, PCI, HIPAA, etc.).
- Experience incorporating policies and technical controls into the SDLC.
- Strong project management skills and the ability to execute projects across various business units.
- Must be based in the United States or near one of the specified office hubs.
Nice to have
- Strong experience with cloud infrastructure such as Azure or AWS.
- Familiarity with GRC or development tools like Drata, Linear, or Datadog.
- Experience with frontend development and open source components.
- Relevant certifications such as CISM, CISSP, or CCEP.
Culture & Benefits
- Competitive compensation package including equity.
- Inclusive healthcare package.
- Mentorship programs and budget for professional events and networking.
- Flexible time off.
- Provision of necessary hardware and a WFH budget for home office setup.