Security Governance Risk and Compliance

3 months ago


San Francisco, California, United States Gusto Full time

About Gusto
Gusto is a modern, online people platform that helps small businesses take care of their teams. On top of full-service payroll, Gusto offers health insurance, 401(k)s, expert HR, and team management tools. Today, Gusto offices in Denver, San Francisco, and New York serve more than 300,000 businesses nationwide.
Our mission is to create a world where work empowers a better life, and it starts right here at Gusto. That's why we're committed to building a collaborative and inclusive workplace, both physically and virtually. Learn more about our Total Rewards philosophy.
Security Governance Risk and Compliance (GRC) Lead
(San Francisco, Denver, NYC or Remote)
Gusto processes billions of dollars in payroll every month for small businesses and their employees. Our clients trust us with a huge amount of personally identifiable information (PII) and protected health information (PHI), including SSNs, EINs, salaries, home addresses, and more. Our business is largely built on trust; as a result, protecting our clients' information is our top priority.
The Governance Risk and Compliance (GRC) team is responsible for ensuring that Gusto complies with all applicable laws, regulations and its own internal controls, manages its risks effectively, and maintains a high level of information security. As a Lead GRC Analyst at Gusto, you will play a critical role in ensuring that our organization adheres to the highest standards of governance, risk management, and compliance, including managing all the pre- and post-sales IT & Security support for Gusto Embedded.
Here's what you'll do day-to-day:

  • Develop, implement, and maintain a comprehensive strategy and supporting documentation that aligns with the business goals and objectives to help support all pre and post sales IT & Security support for Gusto embedded payroll.
  • Support pre-sales initiatives with large potential customers by aligning with the internal Sales team on who Gusto is targeting in order to perform initial compatibility due diligence, including reputational checks, public breach history, etc.
  • Support the continued refinement of tier-based security requirements, inclusive of internal service level objectives (SLOs).
  • Align to a chosen security framework with explicit guidelines for each type of partner Gusto would work with.
  • Create playbooks, driving agility and efficiency, improving Gusto's embedded payroll service, including current controls, and positioning IT & Security as a competitive advantage in our go-to-market strategy.
  • Develop project plans to capture key milestones, sign off and support throughout the pre (and post) sales process.
  • Understand, triage and respond to all partner due diligence requirements in a centralized, organized, and timely manner. For areas with identified gaps, coordinate internal discussions for a path to remediation.
  • Facilitate negotiations with partners to ensure there is risk reduction for both parties, including ensuring any commitments from Gusto are specific, time-bound and achievable prior to insertion in a contract.
  • Ensure there is continued trust with our Embedded Partners by ensuring proactive communication of external security and IT exam or scan results and management of on-going Security or IT requirements inclusive of annual audits, attestations and other due diligence exercises.
  • Continuously monitor changes in compliance regulations, standards, and best practices, and adapt the company's GRC program accordingly.
  • Lead efforts to drive process improvement and enhance the effectiveness of the GRC function.

Here's what we're looking for:

  • 8+ years of experience in the GRC, audit, and compliance space assisting an organization in working towards SOX, SOC 1, SOC 2, ISO 27001, PCI and HIPAA.
  • Experience with ISO 27001, ISO 27002, NIST CSF and working knowledge of ISO 27005 and ISO 27018.
  • Client-facing experience managing pre- and post-sales IT & Security support.
  • Relevant certifications (e.g., CISA, CISSP, CRISC, CISM) preferred.
  • Excellent analytical, problem-solving, and project management skills.
  • Ability to work collaboratively with cross-functional teams and stakeholders, from control owners up to the executive level.
  • High attention to detail and a commitment to upholding the highest standards of data security and compliance.
  • Experience with response coordination tools like Loopio, RFPio, etc.

Our cash compensation amount for this role is targeted at $144,000/yr to $180,000/yr in Denver & most remote locations, and $174,000/yr to $210,000/yr for San Francisco & New York. Final offer amounts are determined by multiple factors including candidate experience and expertise and may vary from the amounts listed above.
Gusto has physical office spaces in Denver, San Francisco, and New York City. Employees who are based in those locations will be expected to work from the office on designated days approximately 2-3 days per week (or more depending on role). The same office expectations apply to all Symmetry roles, Gusto's subsidiary, whose physical office is in Scottsdale.
Note: The San Francisco office expectations encompass both the San Francisco and San Jose metro areas.
When approved to work from a location other than a Gusto office, a secure, reliable, and consistent internet connection is required.
Our customers come from all walks of life and so do we. We hire great people from a wide variety of backgrounds, not just because it's the right thing to do, but because it makes our company stronger. If you share our values and our enthusiasm for small businesses, you will find a home at Gusto.
Gusto is proud to be an equal opportunity employer. We do not discriminate in hiring or any employment decision based on race, color, religion, national origin, age, sex (including pregnancy, childbirth, or related medical conditions), marital status, ancestry, physical or mental disability, genetic information, veteran status, gender identity or expression, sexual orientation, or other applicable legally protected characteristic. Gusto considers qualified applicants with criminal histories, consistent with applicable federal, state and local law. Gusto is also committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. If you require assistance in filling out a Gusto job application, please reach out to candidate-