Job Description
The Governance, Risk, and Compliance Analyst at Samsara is responsible for implementing security controls, managing vendor risk assessments, supporting security audits, and ensuring compliance with frameworks such as SOC 2, ISO 27001, and FedRAMP to enhance the company's security posture.
Key Responsibilities
- Collaborate with legal, procurement, and engineering teams to review and gather evidence for security audits and compliance frameworks such as SOC 2, ISO 27001, and FedRAMP.
- Support and communicate the status of vendor and third-party risks to senior management.
- Drive automation and efficiency in the third-party risk management (TPRM) program using third-party tools and developing native solutions.
- Partner with procurement, legal, and privacy teams to identify, document, and mitigate vendor risks throughout the vendor lifecycle.
- Conduct vendor risk assessments by reviewing security certifications, penetration tests, and policies.
- Work with systems teams to implement security controls across various internal and external systems.
- Coordinate with external auditors, internal engineering, and security teams on procurement activities, audit controls, and compliance requirements.
Requirements
- Minimum of 3 years of experience in the governance, risk, and compliance space.
- Experience implementing or maintaining vendor-risk programs.
- Experience performing security and maturity assessments.
- Experience supporting the creation or maintenance of risk registers, compliance inventories, and control mappings across internal and external systems.
- Ability to work with systems teams to collaboratively implement security controls across a diverse range of systems, such as Okta, Netsuite, Salesforce, and internal tooling.
- Professional experience coordinating and interacting with external auditors, internal engineering teams, business stakeholders, senior leadership, and security operations teams on procurement activities, audit controls, and compliance requirements.
- Experience conducting vendor risk assessments, including reviewing security certifications, penetration tests, and policies.
- Strong understanding of vendor integration risks and permission scoping across SaaS platforms such as Slack, Google Workspace, and Salesforce.
- Ability to translate complex technical findings and requirements into clear business risks and requirements for non-technical stakeholders.
- Experience working with NIST Cybersecurity Framework profiles, SOC 2, ISO 27001, or similar frameworks (preferred).
- Experience working within common GRC and procurement platforms such as Zip and Vanta (preferred).
- Experience managing high volumes of vendor requests and competing priorities.
- Prior assessment experience in the Software-as-a-Service industry.
Benefits & Perks
- Competitive total compensation package including base salary, bonus, and equity (RSUs)
- Employee-led remote and flexible working options
- Health benefits
- Opportunities for career development and growth
- Inclusive work environment with accommodations for persons with disabilities
- Support for work in hybrid, remote, or in-office settings