GRC Analyst

Job ID 25-603 Come join our passionate team! Barracuda is a leading cybersecurity company providing complete protection against complex threats. Our platform protects email, data, applications, and networks with innovative solutions, and a managed XDR service, to strengthen cyber resilience. Hundreds of thousands of IT professionals and managed service providers worldwide trust us to protect and support them with solutions that are easy to buy, deploy, and use.  We know a diverse workforce adds to our collective value and strength as an organization.  Barracuda Networks is proud to be an employer that complies with all applicable national, state and local laws pertaining to nondiscrimination and equal opportunity regardless of race, gender, religion, sex, sexual orientation, national origin, or disability.  Envision yourself at Barracuda You will be a member of Barracuda’s Security team and will support the development of global compliance initiatives by leading compliance-focused programs, collaborating with other departments and business units on key global policies and procedures, defining and communicating strategies, conducting employee training and defining compliance-related controls.  Tech Stack

• Atlassian Cloud, GitHub, Enterprise Risk Assessment tools, Identity & Access Management tools, and Third Party Risk Management tools. 

What you’ll be working on

• Develop and maintain information security policies, procedures, standards, and guidelines based on best practices and regulatory and legal compliance  
• Assist with 3rd Party Supplier Security Risk Management  
• Maintain security and data privacy risk inventory across the enterprise  
• Ensures adequate and effective IT controls exist to meet applicable current and future security compliance requirements found in laws, regulations, and frameworks such as requirements to comply with SSAE 16 SOC I & II, ISO 27001, NIST/StateRAMP, etc.  
• Facilitate and support the gathering, reviewing, assembling, and maintaining of internal and external audit evidence and related documentation work with external auditors to assist in the completion of annual compliance audits  
• Assist with user access/identity management reviews from automated and manual systems  
• Collaborate with cross-functional teams to integrate compliance requirements  
• Monitor and review regulatory updates and issues relative to pertinent security regulatory requirements.  
• Drive continuous improvement efforts to enhance IT compliance and governance practices.  

What you bring to the role:

• 2+ years of experience in IT compliance, governance, or related roles  
• Knowledge on industry specific regulatory requirements and compliance frameworks for cloud providers (FedRAMP/DoD, SOC, ISO, HIPAA, PCI-DSS)  
• Experience integrating and automating IAM systems/tools.  
• Understanding of IT governance frameworks and risk management methodologies  
• Prior experience with cloud providers and/or data centers a plus  
• CISA and other industry certifications such as CISSP, CISM, CRISC or equivalent.  
• Have a passion for and desire to develop expertise in network security and data protection products and technology  
• Ability to work efficiently with minimal oversight/direction as well as part of multiple project teams  

What you’ll get from usA team where you can voice your opinion, make an impact, and where you and your experience are valued. Internal mobility – there are opportunities for cross training and the ability to attain your next career step within Barracuda. In addition, you will receive equity, in the form of non-qualifying options.