isecjobs.com

Senior Governance, Risk and Compliance Analyst

Denver, CO

Full Time Senior-level / Expert USD 133K - 166K
Company logo

Udemy

View all jobs at Udemy

Apply now Apply later

About us

At Udemy, we’re on a mission to transform lives through learning. Through our intelligent skills platform and a global community of instructors, we’ve helped nearly 80 million learners and more than 17,000 organizations achieve their goals. Come join us in ensuring everyone, everywhere has access to the skills they need to unlock their potential and create possibilities for themselves and others. Learn more about us on our company page.

Where we work

Udemy is headquartered in San Francisco with global offices in Australia, India, Ireland, Mexico, Türkiye and two other US locations (Denver and Austin). This is an in-office position, requiring three days a week in the office (Tuesday, Wednesday, Thursday) and flexibility on Mondays and Fridays.

About your skills

  • Consulting: You see beyond the present problem and identify the fundamental ‘why’. You are a creative thinker and co-design potential solutions with the stakeholders.

  • Influencing: You develop relationships effectively up, down, and across the organization and are able to strategically use these relationships to help move work forward. You scope solutions to  “get to yes” and are capable of pushing back on disagreement if they will not provide the outcome needed for the team or the business. 

  • Decision Making: You use critical thinking to follow a defined decision making process and consider multiple perspectives. Upon making a decision, you are clear in your communication and ensure everyone is aligned in execution.

  • Coaching: You have strong coaching skills allowing you to actively listen and ask the kind of questions to help you diagnose and effectively address issues. 

Preferred Qualifications:

  • Audit Experience: Experience with third-party audits or as an internal auditor, particularly within the technology sector.

  • Certifications: Relevant certifications such as CISA, CISSP, or equivalent are desireable.

About this role 

The GRC Senior Analyst will be responsible for leading the GRC team in achieving and maintaining compliance with key third-party certifications. You will work closely with system and control owners across the organization to document, update, and maintain control language, policies, procedures, and other essential documentation. Your role will involve significant interaction with third-party auditors and internal stakeholders, requiring superior written and verbal communication skills. You will also interface with customers, requiring a professional and positive attitude, particularly under pressure.

\What you’ll be doing 

  • Certification Support: Lead in the preparation, submission, and maintenance of key third-party certifications, including CMMC (Cybersecurity Maturity Model Certification) and assisting in SOC 2, ISO 27001, and other frameworks.

  • Documentation Management: Collaborate with system and control owners to document and update control language, policies, procedures, and other documentation required for certifications and audits.

  • Audit Lead: Serve as a primary point of contact during internal and external audits, effectively communicating with third-party auditors and ensuring audit requirements are met.

  • Cross-Functional Collaboration: Work closely with teams across the organization, including IT, security, and operations, to ensure all compliance-related activities are aligned with business goals and regulatory requirements.

  • Customer Interaction: Interface with customers to address compliance-related inquiries, providing clear and concise information with a professional demeanor.

  • Process Improvement: Continuously evaluate and improve GRC processes, ensuring they are efficient, scalable, and aligned with industry best practices.

  • Risk Management: Lead in identifying, assessing, and mitigating risks related to compliance, working with relevant stakeholders to implement necessary controls.

  • Compliance Monitoring: Maintain up-to-date knowledge of regulatory changes and ensure that the company’s policies and procedures remain compliant.

What you’ll have 

  • Experience: 7+ years of experience in a GRC, compliance, or audit-related role, with a focus on CMMC, NIST, FedRAMP, or similar frameworks.

  • Communication Skills: Superior written and verbal communication skills, with the ability to interact professionally with auditors, customers, and internal teams.

  • Documentation Skills: Excellent attention to detail in documenting controls, policies, and procedures, with the ability to translate complex concepts into clear and actionable language.

  • Calm Under Pressure: Proven ability to remain calm, collected, and professional under pressure, particularly during audits and customer interactions.

  • Collaboration: Ability to work cross-functionally with various departments and teams to achieve compliance objectives.

At Udemy, we strive to be transparent around compensation. Actual compensation for this role is based on several factors, including but not limited to job-related skills, qualifications, experience, and specific work location due to differences in the cost of labor. In addition to a base salary, this role is also eligible for benefits and equity.Hiring Compensation Range$133,000—$166,000 USD

We understand that not everyone will match each of the above qualifications. However, we also realize that everyone has unique experiences that can add value to our company. Even if you think your background might not perfectly align, we'd love to hear from you!

Life at Udemy 

We aspire to be as vibrant and dynamic as the communities we serve, as inquisitive as those who use our platform, and as revolutionary as the future we strive to open for everyone. Here are some of the things we love about life at Udemy:

  • We’re invested in creating an inclusive environment that welcomes a diverse range of backgrounds and experiences. From creating employee resource groups, ensuring we’re a Fair Pay Workplace, and building a flexible work culture, our belonging, equity, diversity, and inclusion (BEDI) initiatives always put our people first. We want you to be able to bring your authentic self to work because when we all do, we’re better for it.

  • Learning is what we do – inside and out. Our Learning & Development team is second to none, helping ensure your journey is one of continuous progression. You’ll also have unlimited access to Udemy courses, monthly UDays (meeting-free professional development days), and a generous annual professional development stipend.

  • Our reason to exist is to revolutionize learning – that calls for taking risks and learning from failures. Whether it’s our hackathons (a company-wide effort to envision new possibilities for our product) or sharing our prototypes, we see experimentation as a crucial step on the path to success.

  • We’re committed to creating world-class employee experiences and are proud of the recognition of this by Great Place to Work. 

Of course, the best thing about being part of Udemy is knowing your work makes a difference for people and organizations around the world. You’ve got the skills; why not use them to help others develop theirs?

At Udemy, we value diversity and inclusion and consider qualified applicants without regard to race, color, religion, sex, national origin, ancestry, age, genetic information, sexual orientation, gender identity, marital or family status, veteran status, medical condition, or disability. 

Our Benefits Start with U

Our benefits start with you and were built to provide you and your family with the protection and care you need, making it easy to access the right coverage when you need it most. Benefits vary by region, and we encourage applicants to review our US Benefits,  Ireland Benefits & Turkiye Benefits pages to get an understanding of some of the benefits we offer. For details on region-specific benefits, please refer to the information provided during the hiring process. 

Benefits outlined are provided as a general overview and may vary depending on the location, role, and employment classification. All benefits are subject to change at the discretion of the organization and in accordance with applicable laws and policies.

Information regarding data privacy is available within the Udemy Careers Privacy Notice.

Apply now Apply later
Job stats:  1  0  0
Categories: Analyst Jobs Compliance Jobs

Tags: Audits CISA CISSP CMMC Compliance FedRAMP Governance ISO 27001 Monitoring NIST Privacy Risk management SOC SOC 2

Perks/benefits: Career development Equity / stock options Flex hours Health care Startup environment Team events

Region: North America
Country: United States

More jobs like this

« Back to job search To the top ↑

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.

Security Operations Engineer jobsSystems Engineer jobsProduct Security Engineer jobsSystems Administrator jobsSenior Security Analyst jobsCybersecurity Editor jobsCybersecurity Content Editor jobsSenior Information Security Analyst jobsInformation Security Manager jobsCyber Security Specialist jobsSenior Network Security Engineer jobsIT Security Analyst jobsChief Information Security Officer jobsSenior Information Security Engineer jobsSecurity Consultant jobsInformation System Security Officer (ISSO) jobsSecurity Specialist jobsIT Security Engineer jobsSenior Product Security Engineer jobsInformation Systems Security Engineer jobsCyber Threat Intelligence Analyst jobsSenior Cyber Security Engineer jobsSenior Software Engineer jobsSecurity Operations Analyst jobsCyber Security Architect jobs
Encryption jobsBash jobsJava jobsCEH jobsTS/SCI jobsThreat detection jobsSplunk jobsSDLC jobsTerraform jobsTop Secret jobsSQL jobsSOC 2 jobsMalware jobsIDS jobsRMF jobsIPS jobsFinance jobsForensics jobsDocker jobsCompTIA jobsActive Directory jobsITIL jobsOWASP jobsIntrusion detection jobsVPN jobs
Ansible jobsHIPAA jobsGIAC jobsCRISC jobsIT infrastructure jobsTCP/IP jobsOSCP jobsClearance Required jobsDoDD 8570 jobsCCSP jobsZero Trust jobsDNS jobsMITRE ATT&CK jobsData Analytics jobsSOX jobsSOAR jobsIndustrial jobsArtificial Intelligence jobsJira jobsMachine Learning jobsJavaScript jobsBanking jobsNIST 800-53 jobsCISO jobsUNIX jobs