Governance, Risk and Compliance Analyst
Posted on Friday, December 8, 2023
FloQast is looking for a GRC Analyst to join our growing InfoSec and Compliance team. This position will support the management of compliance controls, organizational policies, procedures, and standards in support of regulatory compliance needs as well as organizational information security practices. You will advise and build relationships with key team members across multiple core departments, aligning department workflows to build a best-in-class compliance program.
The InfoSec and Compliance department at FloQast reports directly to the General Counsel and is responsible for ensuring FloQast maintains compliance with an array of security and privacy frameworks, including GDPR, CPRA, ISO 27701, SOC 1, SOC 2, and ISO 27001. We are a team of in-house subject matter experts that advise, direct, train, and monitor the organization, resulting in daily interactions with all departments working together on a variety of unique and interesting business initiatives.
*Visa sponsorship is NOT available at this time
What You'll Do:
- Update FloQast's internal controls inventory as new controls are added and existing controls are changed
- Build upon the controls inventory to ensure control owners, testing procedures, related policies, and other pertinent information is accurately documented and kept up to date
- Work with control owners to ensure process narratives are documented and updated annually for all controls
- Initiate, monitor, and follow up on monthly and quarterly control activities to ensure they are completed on time and proper evidence is documented to meet audit requirements.
- Facilitate the development and maintenance of policies, standards, processes, and guidelines by drafting the documentation update, gathering the appropriate approvals, and reporting on all changes in policy review meetings.
- Support annual internal and external SOC 1, SOC 2, and ISO 27001 audits by scheduling audit interviews, submitting evidence requests to control owners, following up as needed to obtain evidence on time, reviewing evidence provided for accuracy, and facilitating follow up requests as needed to ensure our audits remain on schedule.
- Aggregate identified internal control issues and perform a root cause analysis and collaborate on remediation efforts
- Be an advocate for compliance best practices and the point of contact for stakeholders from departments throughout the company
- Assist in responding to security questionnaires
- Participate in and contribute to cross-functional project teams
- Any other tasks that may be assigned to help the company meet its goals
What You'll Bring:
- 3+ years of relevant experience
- Knowledge and familiarity with at least one security, privacy, and compliance practices (SOC 1, SOC 2, ISO 27001, ISO 27701, PCI, HIPAA, etc)
- Understanding of information security and privacy fundamentals
- Certification preferred in one of the following: CompTIA, CISSP, CISA, CISM, Cloud platforms such as AWS, Azure or GCP
- Familiarity with NIST, CIS, and other information security frameworks is a bonus but not required
- Experience working for a software development company is a bonus but not required
- Highly collaborative, detail-oriented, intellectually curious, with strong organizational skills and an authentically friendly demeanor
- Builder mindset, comfortable sharing ideas, trying new approaches and is focused on achieving team and company short and long term goals
- Flexible and adaptable in high growth, start-up environment
The base pay range for this position is $70,000- $100,000. Compensation is not limited to base salary. FloQast values our Total Rewards, and offers a competitive and elaborate Benefits Package including, but not limited to, Medical, Dental, Vision, Family Forming benefits, Life & Disability Insurance, Unlimited Vacation, and participation in our Employee Stock Program. FloQast reserves the right to amend, change, alter, and revise pay ranges and benefits offerings at any time. All applicants acknowledge that by applying to this position you understand that this specific pay range is contingent upon meeting the qualifications and requirements of the role, and for the successful completion of the interview selection and process. It is at the Company's discretion to determine what pay is provided to a candidate within the range associated with the role.
About FloQast www.floqast.com
FloQast is the leader in accounting workflow automation created by accountants for accountants. By automating and modernizing everyday accounting workflows, FloQast enables accountants to work better together and perform their tasks with greater efficiency and accuracy. The cloud-based, AI-enhanced software is trusted by more than 2,500 accounting teams, including those at Snowflake, Kodiak, Instacart, Zoom, and The Golden State Warriors - and still growing! We aspire to forever elevate accounting and improve both the practice and perceptions of the profession.
Our values serve as a compass that guides our decisions and are considered non-negotiable, especially when it comes to hiring. Together with our employees, partners, and customers, we live these values every day.
Ambitious with Integrity
Empowered to Grow
Committed to Collaboration
Customer Obsessed in All Ways
Here’s Why You Should Apply:
Amazing Benefits - FloQast pays 100% of the premium for employees and families for most Medical, Dental, & Vision plans.
Competitive Compensation & Stock Options
FloQast is regularly rated as a Best Place to Work!
- Inc. Magazine’s Best Workplaces in 2023, 2022, and 2021
- Best Places to Work by LA Business Journal since 2017 (that’s 6 years!)
- Built In’s Best Place to Work in Los Angeles 4 years in a row!
Professional Growth & Community - We believe community extends through and beyond the office. We have Employee Resource Groups, community volunteer opportunities, social events, DEI initiatives, and reimbursements for professional development relevant to your role.
Work-Life Balance - We have unlimited PTO along with a generous parental leave policy. To top it off, we have Mental Health Days, where the company closes to allow employees to unplug, relax, and recharge (we know Zoom fatigue is a real thing!)
Employee Choice Policy - Employees can work from home and also have the option to work in a FloQast office or maintain a hybrid work schedule.
Our customers love us! See for yourself on G2 Crowd.
FloQast, Inc is committed to operating fair and unbiased recruitment procedures allowing all applicants an equal opportunity for employment, free from discrimination on the basis of religion, race, sex, age, sexual orientation, disability, color, ethnic or national origin, or any other classification as may be protected by applicable law. We aim to recruit the right people for the jobs we have to offer, and to assess applications on the basis of relevant skills, education, and experience. We welcome people of different backgrounds, experiences, abilities, and perspectives. We are an equal opportunity employer and strive to provide a professional and welcoming workplace for all employees.