Job Description
The Governance, Risk, and Compliance Analyst at Samsara is responsible for ensuring security controls and compliance requirements are met across systems, supporting security audits, managing vendor risk assessments, and collaborating with various teams to enhance the company's security posture.
Key Responsibilities
- Communicate with senior management about vendor and third-party risks
- Support security audit efforts for frameworks like SOC 2, ISO 27001, and FedRAMP
- Drive automation and efficiency in the third-party risk management (TPRM) program
- Partner with Procurement, Legal, and Privacy teams to identify, document, and mitigate vendor risks
- Coordinate with external auditors, engineering teams, and stakeholders on procurement, audit controls, and compliance
- Conduct vendor risk assessments, including reviewing security certifications, penetration tests, and policies
Requirements
- Minimum of 3 years of experience in the governance, risk, and compliance space.
- Experience implementing or maintaining vendor-risk programs.
- Experience performing security and maturity assessments.
- Supporting the creation or maintenance of risk registers, compliance inventories, and control mappings across internal and external systems.
- Ability to work with systems teams to collaboratively implement security controls across a diverse range of systems, such as Okta, Netsuite, Salesforce, and internal tooling.
- Professional experience coordinating and interacting with external auditors, internal engineering teams, business stakeholders, senior leadership, and security operations teams on procurement activities, audit controls, and compliance requirements.
- Experience conducting vendor risk assessments, including reviewing security certifications, penetration tests, and policies.
- Strong understanding of vendor integration risks and permission scoping across SaaS platforms such as Slack, Google Workspace, and Salesforce.
- Ability to translate complex technical findings and requirements into clear business risks and requirements for non-technical stakeholders.
- Experience working with NIST Cybersecurity Framework profiles, SOC 2, ISO 27001, or similar frameworks (preferred).
- Experience working within common GRC and procurement platforms such as Zip and Vanta (preferred).
- Experience managing high volumes of vendor requests and competing priorities.
- Prior assessment experience in the Software-as-a-Service industry.
- Ability to communicate with senior management regarding the current status of vendor and third-party risks.
- Experience supporting security audit efforts around SOC 2, ISO 27001, FedRAMP, and other related compliance frameworks.
- Ability to support automation and efficiency in the Third-Party Risk Management (TPRM) program through the use of third-party tools such as Zip and Vanta, and creating native solutions ensuring security reviews and reassessments scale with company growth.
Benefits & Perks
Competitive total compensation package including base salary, bonuses, and stock options (RSUs)
Remote and flexible working arrangements
Health benefits
Opportunities for career development and growth
Supportive and inclusive work environment
Contingent on legal right to work in specified locations
Ready to Apply?
Join Samsara and make an impact in renewable energy
Stay Updated on Sustainability Jobs
Get the latest renewable energy jobs and career tips delivered to your inbox.
Job Alerts
Get notified about new sustainability jobs
More at Samsara
More jobs at Samsara
Legal Administrative Assistant
Samsara
NEW
Ciudad de México
HYBRID
10h
Sales Engineer - Public Sector, Enterprise Core - US CST
Samsara
NEW
Not specified
Full Time
10h
Sales Enablement Manager
Samsara
NEW
Atlanta
Full Time
10h
More jobs in Location not specified
Relationship Specialist, West Coast
Palmetto Clean Tech
NEW
Remote
Full Time
10h
Relationship Specialist, West Coast
Palmetto Clean Technology
NEW
Remote
Full Time
10h
Vice President, Renewables
Unison
NEW
Remote
Full Time
10h