Governance Risk and Compliance Specialist

Hobart

Applications have closed

UpGuard, Inc.

Third-party risk and attack surface management software. UpGuard is the best platform for securing your organization’s sensitive data. Our security ratings engine monitors millions of companies and billions of data points every day.

Who are we?
UpGuard’s mission is to protect the world’s data. We obsessively seek out elegant, robust ways to enable our customers to find, acknowledge, and remediate cyber risks. With UpGuard, organizations leverage our security expertise and software to automate what were once laborious, spreadsheet-driven processes, whether it's monitoring the attack surface of hundreds of vendors or assessing the security of their own infrastructure. UpGuard is used by some of the world’s largest, fastest growing and most innovative companies.

Why are we hiring this role?
As UpGuard continues to rapidly expand, we're now looking for a proficient Governance Risk and Compliance Specialist with extensive experience to lead our GRC initiatives. In this role, you will report to our CISO and collaborate with cross-functional teams to identify potential risks, establish policies and procedures, and ensure compliance with relevant regulations and standards.

What will you accomplish?

  • Continue the development of UpGuard’s Governance, Risk, and Compliance function: Primarily focus on technology and cyber security risk and compliance (owned by CISO). Contribute to the analysis of broader enterprise/operational risk matters (owned by SVP Ops role) at times and where appropriate.
  • Run the technology and security components of the Risk Management process with responsibility for its maintenance and continual improvement: Identifying and reporting on trends and insights.
  • Drive technology and security components of SOC-2 compliance: Assess and measure compliance with technology control components of UpGuard’s SOC-2 Type II annual audit cycle. Manage and coordinate program remediations and improvements identified from prior cycles, incident post-mortems, etc.
  • Work cross-functionally across UpGuard teams: Assist the Product team with the development of public documents to build and maintain Customer and public trust in UpGuard. Help assess and identify gaps and improvement opportunities in the Product development life cycle.
  • Draft, develop, and maintain relevant GRC policies, processes, guidelines and similar risk and governance material.
  • Design and implement company-wide training materials on the MindTickle platform.
  • Support department requests and transactions, and assist with a variety of corporate legal issues.
  • Assist in gathering internal information in response to regulatory requests, insurance claims reviews, various general administrative duties and initiatives as needed.

What do we need from you?

  • Familiarity and expertise with technology risk management, governance, and compliance management tools.
  • Experience with legal or compliance teams covering diverse geographic and risk areas (for example, privacy, vendor management, anti-corruption) in a technical landscape.
  • 4+ years of relevant work experience.
  • A clear, collaborative communicator with a proven ability to see the big picture whilst also understanding the details and navigating towards successful outcomes.
  • A skilful drafter, issue-spotter, and problem-solver able to assess both legal and business risks.
  • An eager, flexible learner who's confident in handling tasks and answering questions you've never faced.
  • A team player with the ability to work with all levels of the organization.
  • Ability to foster and maintain good business relationships (internally and externally).
  • Meticulous attention to detail, process, and ethics.
  • A desire to teach and learn.
  • A willingness to expand the range of job responsibilities as needed, based on the evolution of the Company and the role.
  • The ability to work independently and take initiative.
  • A team-focused mindset and a passion for formulating and executing long-term strategies while managing details.
  • An ability to issue-spot and analyze legal issues, present positive, creative solutions, and advise management of risks to help the business achieve its goals.

What's in it for you?

  • Rapidly growing user base: Work directly with some of the world’s largest, fastest-growing, and most innovative companies
  • Interesting problems, at scale: Deeply explore the ever-evolving world of cybersecurity, with a platform processing billions of data points daily
  • Learn from industry-leading experts: Our security research has been featured in The New York Times, The New Yorker, The Washington Post, TechCrunch, Bloomberg, Gizmodo, Engadget, Forbes, ZDNet, and The Guardian
  • Impact: See the impact of your work on a daily basis, with data and impact available on dashboards you have access to
  • Generous compensation: Extremely competitive base salary and equity
  • Great perks: Free lunch, flexible work arrangements, budget for professional development and gym reimbursement

Tags: CISO Compliance Governance Monitoring Privacy Risk management SOC Vendor management

Perks/benefits: Career development Competitive pay Equity Lunch / meals

Regions: Asia/Pacific North America
Country: United States