Sr. GRC Analyst

Please Note: This is a Utah-based hybrid position which will require some regular in-office days each week. Additionally, employment with BambooHR is contingent on passing both a background and credit check. 

Essential Job Duties

As a Sr. GRC Analyst, you will be responsible for working with our GRC team to create our GRC program. Some of the tasks include ensuring all compliance controls are documented, tracked, and completed in a timely manner, reviewing the compliance of all third-party vendors during procurement reviews, vendor management, policy management, and may from time to time be interfacing with customers and potential customers to discuss our compliance controls.

You will:

• Implement and maintain our GRC program
• Facilitate audit programs, manage the audit processes, and ensure continual compliance
• Monitor the regulatory landscape and provide recommended actions for compliance
• Perform third-party procurement reviews and create a process for continual third-party audits
• Formulate, review, suggest improvements, and manage annual reviews for policy documents in collaboration with stakeholders
• Recognize AI as a helpful tool for simplifying data-heavy GRC tasks, and are open to exploring its potential in compliance and risk work.  Use basic AI features like NLP to parse technology documents and categorize compliance evidence while following guided processes, and consider the ethical use of AI.  
• Work across teams and coordinate activities to complete compliance controls
• Summarize complex compliance data into meaningful reports to aid management decisions

What You Need to Get the Job Done

• 3 - 5+ years of experience running the GRC program for a publicly traded company, with at least 2 years in Compliance and Risk management 
• 4+ years of experience in security, IT, audit, compliance, technical writing, project management, or similar
• Expert for the compliance framework ISO 27001 (Knowledge of AICPA SOC 1, and SOC 2 is strongly preferred), in a SaaS environment
• Experience implementing and operating tools for GRC management
• Experience developing and implementing information security controls within cloud native / cloud-first organizations (AWS, Azure, GCP, etc.)
• Experience with vendor management, policy management, and project management
• Ability to effectively communicate governance, risk, audit, and compliance functions to executives 
• Certifications strongly preferred: CGRC, CRISC, CISA, CISM, CGEIT, PMP, or similar

What Will Make Us REALLY Love You 

• Strong organization and communication skills
• Detail-oriented with a passion for maintaining quality 
• Strong understanding of data privacy regulations such as CCPA, GDPR, etc.
• Solid technical background with an ability to give instructions to a non-technical audience
• A strong commitment to ongoing learning and professional development, with a growth mindset where you actively seek opportunities to expand your knowledge and skills
• An "AI/Automation First" Mindset: Experience identifying opportunities and implementing automated solutions.
• At BambooHR, we believe in leveraging cutting-edge technology to empower people and transform HR. We're actively integrating AI into our solutions and workflows to enhance efficiency and drive innovation. To that end, we're looking to our existing team members and future hires to share this forward-thinking mindset: individuals who are curious about AI's potential, eager to learn and adapt, and ready to explore how intelligent tools can elevate their work along with BambooHR's impact on setting people free to do great work. Join us in reimagining the future of HR!

What You'll Love About Us

• A Great Company Culture that has been recognized by multiple organizations like Inc, and Salt Lake Tribune
• Comprehensive health, life, and disability insurance 
• Generous leave policies that include 4 weeks of vacation, 12 company holidays, parental leave, and volunteer time off so you can enjoy quality of life
• 401k plans with up to 6% company match
• $2000 Paid-Paid Vacation bonus
• EAP through Headspace
• Check out all our benefits that benefit you 

About Us

At BambooHR, we're building something different: we're building a people intelligence platform that transforms HR and sets people free to do great work! We're a proven market leader driving innovation while building lasting success through thoughtful, sustainable growth. Here, you'll find a place that champions growth: both professional and personal, both individual and collective. 

We invest in potential, giving you the space to stretch your capabilities and turn good ideas into reality while providing the safety net of a supportive, values-driven culture. Our approach combines meaningful work with meaningful lives, offering competitive benefits, professional development, and the flexibility to thrive both in and outside the office. 

What sets us apart isn't just what we do, but how we do it: with openness, integrity, and a shared commitment to doing the right thing. Join us in creating HR software that makes work better for everyone, while we make work better for you.

BambooHR is committed to the full inclusion of all qualified individuals and will ensure that persons with disabilities are provided reasonable accommodations throughout the hiring process.  If you would like to request accommodations, please let your recruiter know.

BambooHR is An Equal Opportunity Employer--M/F/D/V
Because our team members are trusted to handle sensitive information, we require all candidates that receive and accept employment offers to complete a background check before being hired.

For information on California Privacy Policy, click here.