Senior Compliance and Risk Analyst

5 hours, 33 minutes ago
Full-time
Senior
Cybersecurity
Calendly

Calendly offers a modern scheduling platform that simplifies the process of finding meeting times, allowing users to eliminate the hassle of back-and-forth communication and enhance productivity through automated scheduling features.

Internet Software & Services
251-1K
Founded 2013
$351M raised

Description

  • Own and manage the organization's compliance program, including SOC 2 and ISO 27001 readiness, certification, and ongoing maintenance.
  • Develop and execute a compliance roadmap aligned with business objectives, regulatory requirements, and organizational risk appetite.
  • Lead internal and external audits by coordinating evidence collection, managing auditor relationships, and driving timely remediation of findings.
  • Monitor changes in regulatory and industry frameworks and assess their impact on the compliance program.
  • Own the enterprise risk management process, including risk identification, assessment, treatment planning, and ongoing monitoring.
  • Conduct periodic risk assessments and partner with stakeholders to identify control gaps and prioritize remediation activities.
  • Develop and present compliance metrics, risk dashboards, and executive reports for senior leadership.
  • Design, document, and improve internal controls aligned with SOC 2, ISO 27001, and other applicable frameworks.
  • Lead control testing, including evidence collection, effectiveness validation, remediation tracking, and continuous improvement.
  • Expand and mature the common controls framework, optimize compliance automation, and perform User Access Reviews (UARs).
  • Partner with Engineering, Security, Product, Legal, HR, and Operations to integrate compliance into business processes and product development.
  • Develop training, playbooks, and self-service resources that help teams meet compliance requirements efficiently.

Requirements

  • 5+ years of experience in compliance, risk management, audit, or GRC roles within a technology or SaaS environment.
  • Experience owning or leading compliance programs supporting SOC 2 and ISO 27001.
  • Working knowledge of security and privacy frameworks including NIST, ISO 27001, GDPR, and HIPAA.
  • Experience administering compliance automation platforms such as Drata, Vanta, Tugboat Logic, or similar solutions.
  • Experience performing User Access Reviews (UARs) using GRC or compliance automation platforms.
  • Strong understanding of internal controls, risk assessment methodologies, and audit processes.
  • Demonstrated ability to manage multiple initiatives and deliver results in a fast-paced environment.
  • Excellent project management, analytical, and problem-solving skills.
  • Strong communication skills with the ability to translate technical and regulatory requirements into practical business solutions.
  • Proven ability to collaborate effectively with technical and non-technical stakeholders across the organization.
  • Experience leveraging AI to improve compliance processes or automate workflows, preferred.
  • Experience scaling compliance programs within a high-growth SaaS organization, preferred.
  • Hands-on experience developing or expanding a common controls framework, preferred.
  • Advanced expertise configuring compliance automation platforms, including integrations, custom controls, and reporting, preferred.
  • Familiarity with additional compliance frameworks such as PCI DSS or FedRAMP, preferred.
  • Experience developing compliance training, awareness programs, or self-service enablement resources, preferred.
  • Professional certifications such as CISA, CRISC, CISSP, CCSK, or equivalent, preferred.

Benefits

  • Annual base salary range of $165,198 to $233,221 USD, depending on location and experience.
  • Top Performer Bonus program, or Sales incentive for eligible employees.
  • Equity awards as part of the total rewards package.
  • Competitive benefits for full-time employees.
  • Location-based pay ranges for remote or hybrid workers.
  • Occasional travel opportunities for company events, team collaboration, or offsites.
