GRC Analyst

Responsibilities

• Respond to incoming customer security questionnaires and security inquiries, ensuring timely, accurate, and well documented responses
• Address compliance reviews, audits, and customer risk assessments by standards and policies
• Maintain and monitor a central source of evidentiary information in preparation for regular audits
• Work with stakeholders companywide to ensure evidence collection is automated to the fullest extent possible
• Support SOC 2, ISO 27001 & HIPAA audit activity
• Work together with other stakeholders to ensure our corporate IT and procurement practices meet GRC objectives
• Assist the department in responding to inquiries from the business units about ongoing operational compliance
• Share information with managers to avoid surprises, draw attention to problems, and guarantee on-time preparation of compliance-related deliverables
• Knowledge, Skills & Abilities:
• A degree in information security, risk management, governance, or a related field, or equivalent combination of education and experience
• Strong written and verbal communication skills
• 2-3 years of experience in SRE, DevOps, GRC, or InfoSec
• Direct experience in or interest in developing in a GRC role
• Experience with one or more enterprise task management suites such as JIRA
• Hands-on experience with a GRC platform such as Vanta, Drata, Trustcloud, or OneTrust to manage compliance workflows and evidence collection
• Familiarity with risk assessment methodologies and frameworks (e.g., NIST CSF)
• Ability to translate technical compliance requirements into clear guidance for non-technical stakeholders
• Strong attention to detail with the ability to manage multiple priorities and deadlines simultaneously
• DataRobot Operating Principles:
• Wow Our Customers
• Set High Standards
• Be Better Than Yesterday
• Be Rigorous
• Assume Positive Intent
• Have the Tough Conversations
• Be Better Together
• Debate, Decide, Commit
• Deliver Results
• Overcommunicate
• All applicant data submitted is handled in accordance with our Applicant Privacy Policy .

Benefits

Additional Information

Job Description: DataRobot delivers AI that maximizes impact and minimizes business risk. Our platform and applications integrate into core business processes so teams can develop, deliver, and govern AI at scale. DataRobot empowers practitioners to deliver predictive and generative AI, and enables leaders to secure their AI assets. Organizations worldwide rely on DataRobot for AI that makes sense for their business - today and in the future. The GRC Analyst will collaborate with process owners, auditors, and other stakeholders to support the DataRobot Information Security Team in reviewing, monitoring, and resolving audit and security-related findings. This includes helping the GRC Lead manage ISO27001,SOC 2 & HIPAA Compliance programs. By supporting the implementation and maintenance of compliance automation tooling, as well as internal and external assessments within the contexts of customer risk management programs and compliance audits for regulations and standards including SOC2, ISO 27001, and other GRC activities, the GRC Analyst will contribute to the transformation of the company's Information Security compliance program.

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at datarobot? Share your experience