Job Description
The Governance, Risk, and Compliance Analyst at Samsara is responsible for implementing security controls, managing vendor risk assessments, supporting security audits, and ensuring compliance with frameworks like SOC 2, ISO 27001, and FedRAMP to enhance the company's security posture.
Key Responsibilities
- Support security audit efforts around frameworks such as SOC 2, ISO 27001, and FedRAMP.
- Collaborate with legal, procurement, and engineering teams to review and manage vendor risks throughout the vendor lifecycle.
- Drive automation and efficiency in the third-party risk management (TPRM) program using third-party tools and native solutions.
- Communicate with senior management regarding the status of vendor and third-party risks.
- Perform security and maturity assessments, including reviewing security certifications, penetration tests, and policies.
- Maintain and support the creation of risk registers, compliance inventories, and control mappings across systems.
- Coordinate with external auditors, internal teams, and stakeholders on procurement activities, audit controls, and compliance requirements.
Requirements
- Minimum of 3 years of experience in the governance, risk, and compliance space.
- Experience implementing or maintaining vendor-risk programs.
- Experience performing security and maturity assessments.
- Experience supporting the creation or maintenance of risk registers, compliance inventories, and control mappings across internal and external systems.
- Ability to work with systems teams to collaboratively implement security controls across a diverse range of systems, such as Okta, Netsuite, Salesforce, and internal tooling.
- Professional experience coordinating and interacting with external auditors, internal engineering teams, business stakeholders, senior leadership, and security operations teams on procurement activities, audit controls, and compliance requirements.
- Experience conducting vendor risk assessments, including reviewing security certifications, penetration tests, and policies.
- Strong understanding of vendor integration risks and permission scoping across SaaS platforms such as Slack, Google Workspace, and Salesforce.
- Ability to translate complex technical findings and requirements into clear business risks and requirements for non-technical stakeholders.
- Experience working with NIST Cybersecurity Framework profiles, SOC 2, ISO 27001, or similar frameworks (preferred).
- Experience working within common GRC and procurement platforms such as Zip and Vanta (preferred).
- Experience managing high volumes of vendor requests and competing priorities.
- Prior assessment experience in the Software-as-a-Service industry.
Benefits & Perks
- Competitive total compensation package including base salary, bonus, and equity (RSUs)
- Employee-led remote and flexible working options
- Health benefits
- Opportunities for career development and advancement
- Inclusive work environment with accommodations for disabilities
- Support for work-life balance through flexible working arrangements