Job description
Let’s build what’s next, together.
We are Spotnana. We’re on a mission to modernize the infrastructure of the $1.4 trillion travel industry to power the perfect trip for travelers everywhere. Our Travel-as-a-Service platform is designed to make every trip better, whether you’re booking for work, building a travel tool, or looking to offer personalized experiences at scale.
But we’re not just modernizing tech, we’re rethinking how the industry works. And to get there, we’re bringing together innovative, ambitious, and open-minded people who want to build something that lasts.
At Spotnana, our values and principles guide how we work and grow together:
- Build the future – We are leaders, we are innovators, we are ambitious.
- Commit to excellence – We’re accountable, we are partners, we are agile.
- Stronger together – We lead with respect and integrity, we are inclusive, we are lifelong learners.
Who: You! And the rest of the Security team & their cross-functional partners
What: A GRC Analyst position for an outstanding communicator
When: ASAP! We are looking to hire and onboard a new hire as soon as we find the right person for the job. Exciting work awaits!
Where: Remote: Your home base! This role is eligible for 100% remote work.
Why: Spotnana has a rapidly maturing Governance, Risk, and Compliance program supporting multiple industry standards. The GRC Analyst will be positioned to gain practical experience in facilitating PCI, ISO, and SOC audits, conducting risk assessments, and implementing automated processes to scale our compliance efforts.
How (to land the job!):
The day-to-day:
- Customer Assurance: Assist with questionnaire responses and Trust Center management
- Third-party Risk: Assist with vendor risk assessments
- Audits: Assist with evidence collection during audit cycles
- Compliance Activities: Oversee or conduct scheduled user access reviews, incident and disaster recovery exercises, and ad-hoc audits of specific processes and systems.
- Continuous Improvement: Participate in project work to improve the maturity of the ISMS program, supporting processes, and automations.
Skills & qualities we value:
- Working knowledge of information security and compliance frameworks, such as SOC 2, ISO 27001, PCI-DSS
- Proven understanding of cloud infrastructure and services (AWS)
- Excellent written and verbal communication skills, including the ability to translate technical jargon into meaningful action items and knowledge base articles
- Proven ability to collaborate with cross-functional teams to implement effective solutions
- Desire to grow technical skills to support GRC work (think Python coding, AWS training)
- Demonstrated ability to focus on priority tasks during periods of high-volume inbound requests
- 1-2 years of experience in developing and executing governance, risk, and compliance processes and functions
Perks & benefits you will love
Spotnana strives to offer fair, industry-competitive, and equitable compensation. Our approach assesses total compensation, including cash, annual performance bonus, company equity, and comprehensive benefits.
The base salary range for this role is $60,000 - $90,000 per year, depending on a number of factors including the candidate’s working location.
We care for the people who make everything possible - our benefits include:
- Pre-tax and ROTH 401(k) options via Fidelity with up to a 4% company match
- Comprehensive benefit plans covering medical, dental, vision, life, and disability effective on your hire date. We cover 100% of your employee premiums and 85% for your eligible dependents.
- Pre-tax flexible spending account options for health, dependent care and commuter expenses
- Flexible PTO in addition to 10 company holidays, and an end-of-year company shutdown
- Up to 26 weeks of parental leave
- Monthly cell phone/internet stipend
- Extra perks — IATAN travel membership, pet insurance, financial wellness tools, Calm app access, and more
We are committed to fostering a diverse, inclusive environment and to encouraging these values in everyone on our team. We provide an environment of mutual respect where opportunities are available without regard to race, color, religion, sex, pregnancy (including childbirth, lactation and related medical conditions), national origin, age, physical and mental disability, marital status, sexual orientation, gender identity, gender expression, genetic information (including characteristics and testing), military and veteran status, and any other characteristic protected by applicable law. We believe that diversity and inclusion for people from all walks of life is key to our success as a company.









