GRC Analyst

About the Team

At Miro, the Security Stream is dedicated to fostering business growth and enduring customer trust by implementing advanced security measures. They develop balanced security strategies, providing assurance and empowering engineering teams with the necessary tools and guidance. This support covers secure cloud management, establishing secure development practices, and effectively detecting and mitigating security incidents.
A key part of this is the Trust & Information Security Team, which concentrates on maintaining the highest information security standards to safeguard the data and privacy of Miro's customers, employees, and stakeholders. This team manages business risks, ensures adherence to legal and regulatory requirements, and promotes a culture of security awareness. Additionally, they act as trusted compliance advisors to the Go-To-Market (GTM) teams, helping to enable and speed up strategic sales initiatives.

About the Role

We are seeking a highly knowledgeable and customer-centric Compliance Customer Success Manager (CSM) to serve as a primary resource for our customers navigating the complexities of cybersecurity and AI governance frameworks. This role is pivotal in ensuring our customers receive accurate, clear, and timely answers to their questions regarding NIST (CSF, 800-53, etc.), SOC2 (Type 1 & 2), ISO 27001, and the emerging ISO 42001 standard. The ideal candidate possesses deep subject matter expertise in these frameworks combined with exceptional communication skills to act as a trusted advisor. You will be instrumental in building customer confidence, fostering strong relationships, and ensuring customers feel supported in their compliance journey.  

What you’ll do

• Compliance Subject Matter Expert: Serve as the go-to expert for customer inquiries related to the interpretation, requirements, and best practices of NIST, SOC2, ISO 27001, and ISO 42001 frameworks
• Query Resolution: Directly address and resolve customer questions regarding these compliance standards, ensuring accuracy and clarity in all communications (email, calls, support tickets)
• Contextual Understanding: Understand the customer's business context and how their compliance questions relate to their use of our products/services or their broader GRC strategy
• Information Dissemination: Clearly articulate complex compliance concepts to both technical and non-technical customer stakeholders
• Relationship Building: Build trust and rapport with customers through reliable and expert handling of their compliance inquiries
• Internal Collaboration: Work closely with Support, Product, and Sales teams to ensure consistent and accurate messaging regarding compliance topics. Provide internal training or resources as needed
• Knowledge Management: Document common compliance questions and answers, contributing to internal knowledge bases and potentially customer-facing FAQs or documentation
• Stay Current: Continuously monitor changes and updates to relevant compliance frameworks and industry best practices
• Customer Advocacy: Relay customer feedback and frequently asked questions related to compliance back to internal teams to inform product development and service improvements
• Support Customer Success Goals: Contribute to overall customer retention and satisfaction by providing exceptional compliance-focused support

What you’ll need

• Proven experience (typically 3-5+ years) in a GRC, cybersecurity consulting, internal audit, compliance management, or technical support role with a strong focus on specific frameworks
• Deep, demonstrable understanding and practical knowledge of NIST frameworks (e.g., Cybersecurity Framework, NIST SP 800-53). Must be able to explain core concepts and requirements accurately
• Deep, demonstrable understanding and practical knowledge of SOC2 (Trust Services Criteria - Security, Availability, Confidentiality, Processing Integrity, Privacy). Must be able to explain criteria and audit concepts accurately
• Deep, demonstrable understanding and practical knowledge of ISO 27001 (Information Security Management Systems). Must be able to explain the ISMS structure, risk assessment process, and Annex A controls accurately
• Strong familiarity and understanding of ISO 42001 (Artificial Intelligence Management Systems) and its core principles/requirements. Must be able to discuss its objectives and key components
• Exceptional communication skills (written and verbal), with a proven ability to explain complex technical and compliance concepts clearly, accurately, and patiently
• Excellent research and analytical skills; ability to find and verify accurate information regarding compliance standards
• Strong customer service orientation and interpersonal skills
• Ability to manage multiple inquiries simultaneously and prioritize effectively
• Bachelor's degree in Information Technology, Cybersecurity, Law, or a related field, OR equivalent practical experience demonstrating deep compliance expertise.

What's in it for you

• Competitive equity package
• Health insurance for you and your family
• Corporate pension plan
• Lunch, snacks and drinks provided in the office
• Wellbeing benefit and WFH equipment allowance
• Annual learning and development allowance to grow your skills and career
• Opportunity to work for a globally diverse team

About Miro

Miro is a visual workspace for innovation that enables distributed teams of any size to build the next big thing. The platform's infinite canvas enables teams to lead engaging workshops and meetings, design products, brainstorm ideas, and more. Miro, co-headquartered in San Francisco and Amsterdam, serves more than 90M users worldwide, including 99% of the Fortune 100. Miro was founded in 2011 and currently has more than 1,600 employees in 12 hubs around the world.

We are a team of dreamers. We look for individuals who dream big, work hard, and above all stay humble. Collaboration is at the heart of what we do and through our work together we hope to create a supportive, welcoming, and innovative environment. We strive to play as a team to win the world and create a better version of ourselves every day. If this sounds like something that excites you, we want to hear from you!

Check out more about life at Miro: 

• Youtube: https://www.youtube.com/@lifeatmiro
• Blog: https://miro.com/careers/life-at-miro/all/
• Instagram: https://www.instagram.com/mirohq/

At Miro, we strive to create and foster an environment of belonging and collaboration across cultural differences. Miro’s mission — Empower teams to create the next big thing — is how we think about our product, people, and culture. We believe that creating big things requires diverse and inclusive teams. Diversity invites all talent with different demography, identities and styles to step in, and inclusion invites them to step closer together. Every day, we are working to build a more diverse Miro, cultivate a sense of belonging for future and current Mironeers around the world, and foster an environment where everyone can collaborate and embrace differences.

Miro handles and uses personal data of job applicants in line with its Recruitment Privacy Policy found here.