Senior Staff Analyst, GRC

Job not on LinkedIn

October 13

Apply Now

Receive Emails with Similar Jobs

Mozilla

WebsiteLinkedInAll Job Openings

B2C • Cybersecurity • Software

Mozilla is a non-profit organization dedicated to promoting an open and accessible internet. They are the makers of the popular Firefox browser, which emphasizes user privacy, speed, and control. Mozilla also offers a range of products that focus on internet security and privacy, including Mozilla VPN, Firefox Relay, and Mozilla Monitor. Additionally, the organization is involved in open-source projects, AI innovation, and advocating for digital rights. Mozilla aims to empower users with trustworthy technology and policies that protect privacy, support open-source AI development, and foster accountability for tech companies.

501 - 1000 employees

Founded 1998

👥 B2C

🔒 Cybersecurity

📋 Description

• Governance : develop and maintain a comprehensive GRC strategy and roadmap aligned with business objectives. Lead the creation and enforcement of standards, policies, controls, audits, reporting across various enterprise and product verticals. • Risk Mgmt : develop and operationalize a risk assessment and management framework on a periodic basis to enable prioritization and remediation of critical issues. Define and deliver measurable scorecards and metrics to enable data driven decision making • Compliance : ensure compliance with various regulatory standards and frameworks ( ISO, NIST, SOC2, CCPA, GDPR, etc). Lead internal and external audit activities including tracking and resolving deficiencies and remediations. • Partner closely with Legal / IT / Finance / Security to align on the GRC program and deliver a cohesive integrated risk management framework. • Led defining requirement and reporting (scorecards) of data life cycle management across enterprise and product domains working with data platform and legal team.

🎯 Requirements

• 10+ years of progressive experience in developing and delivering an integrated GRC framework • Strong understanding and deep knowledge of regulatory frameworks, processes and tools related to building a robust GRC framework • Experience leading and delivering cross functional requirements for product & enterprise teams to implement controls and measures to meet compliance requirements • Relevant industry certifications (CISA, CISSP, CISM, CRISC, etc) • Hands-on understanding of using various technology and tools (SEIM, BI Tools) • Ability to develop Root Cause Analysis (RCA) and remediation plans to resolve risk deficiencies working with respective stakeholder teams. • Strong critical thinking skills with the ability to drive long term organizational impact • A background that demonstrates a bias for action and the ability to navigate constraints in order to achieve business outcomes • Ability to collaborate and influence a diverse group of stakeholders to address cross-functional challenges and lead change

🏖️ Benefits

• Generous performance-based bonus plans to all eligible employees - we share in our success as one team • Rich medical, dental, and vision coverage • Generous retirement contributions with 100% immediate vesting (regardless of whether you contribute) • Quarterly all-company wellness days where everyone takes a pause together • Country specific holidays plus a day off for your birthday • One-time home office stipend • Annual professional development budget • Quarterly well-being stipend • Considerable paid parental leave • Employee referral bonus program • Other benefits (life/AD&D, disability, EAP, etc. - varies by country)