GRC Analyst, Partnership Compliance

at Referrals.com
  • Remote - United States

Remote

Cybersecurity

Mid-level

Job description

Description

Sprout Social is looking to hire a GRC Analyst focused on Partnership Compliance for the IT team.

Why join Sprout’s IT team?

Sprout’s Corporate IT team is a combination of adjacent squads working on projects under one umbrella. This unique structure is an exciting opportunity to grow your career in technology with exposure to projects all across our discipline—something you don’t see often in other organizations. It allows us to move quickly and collaborate with minimal friction or red tape. As a part of this team, you’re also given the space and encouraged to stretch beyond your core function and make a deeper impact on the broader organization. In short, the work you do here matters and you’ll feel that day in and day out.

What you’ll do

  • Create monitoring processes for changes in our social network partners’ terms of service
  • Respond to technical assessments from our social network partners
  • Pair with other members of the GRC, Legal, and Engineering teams to create, remediate, and monitor a set of internal controls built on the requirements from our social network partners
  • Implement access governance over the social networks’ developer portals
  • Participate in internal and external audits–testing, maturing, and automating our security controls along the way
  • Support our Sales and Success teams in assuring customers of our industry-leading security and privacy posture with your knowledge of cybersecurity and procurement

What you’ll bring

If you have a propensity for independent work, experience in IT Audit or Compliance, and a desire to implement world-class governance for our partnership ecosystem, we’d love to talk with you!

The minimum qualifications for this role include:

  • 5+ years of combined experience in security, IT audit, risk management, legal, or similar roles supporting a cloud-based environment
  • Experience with system/tool administration and a deep understanding of role-based access controls
  • Experience with reviewing and interpreting legal documents
  • Experience in developing, implementing, and testing controls in support of compliance or privacy frameworks (e.g., SOC 2, SOX, NIST, ISO, CSA, GDPR, etc.)

Preferred qualifications for this role include:

  • Ability to work US central or US eastern time zone working hours is highly preferred
  • Attention to detail and a willingness to learn the technicalities of people, processes, and systems
  • Strong interpersonal skills and ability to work independently across distributed teams
  • Experience at social media, marketing, or similar companies
  • Deep knowledge of security frameworks and processes
  • Certifications in security (Security+, CISSP) or GRC (CISA, CRISC)
  • Experience working closely with Security, Legal, Engineering, and Sales teams in supporting of company-wide objectives, internal and external audits, and the sales lifecycle

How you’ll grow

Within 1 month, you’ll plant your roots, including:

  • Complete Sprout’s New Hire training program alongside other new Sprout team members.
  • Be introduced to Sprout’s security, compliance, and legal stakeholders across the organization.
  • Learn our existing tooling and begin understanding the state of our GRC program.
  • Learn the current state of Partnership Compliance and begin to identify gaps or areas of improvement.
  • Support and shadow teammates on security assurance requests, completing questionnaires and joining calls with customers.
  • Receive feedback from the team on your approach to managing and engaging our existing IT audit and compliance workstreams.

Within 3 months, you’ll start hitting your stride by:

  • Work with your manager and teammates to create and prioritize quarterly team goals or projects.
  • Start to understand the breadth and depth of our team’s authority and remit.
  • Pair with Legal to embed yourself into the product-build lifecycle, reviewing terms and other legal documents, and creating a process for monitoring changes to our social network partners’ terms of service
  • Create internal controls, mapping them to our current frameworks, in support of requirements from our social network partners
  • Begin identifying gaps in our current controls or processes, pairing with internal stakeholders to develop remediation plans
  • Assist in quarterly user access reviews, internal and external audits, and internal controls testing in support of our compliance frameworks
  • Independently triage Security Assurance requests, fielding nuanced security and privacy concerns from our customers, both pre and post-sales.

Within 6 months, you’ll be making a clear impact through:

  • Participate in the day-to-day management of our GRC tooling.
  • Become the subject matter expert with respect to the social networks’ developer portals, pairing with Engineering to enhance governance over RBAC
  • Support our Sales and Success teams in assuring customers of our industry-leading security and privacy posture with your knowledge of cybersecurity and procurement
  • Become a key stakeholder in quarterly/annual internal and external audits, including IT controls and user access reviews, all while improving/automating the evidence gathering processes.

Within 12 months, you’ll make this role your own by:

  • Own our partnership compliance program and independently lead technical assessments from our social network partners, testing controls and gathering evidence.
  • Independently perform user access reviews and participate in internal and external audits, all while identifying and assessing gaps or issues
  • Fully support our broader compliance and governance initiatives.
  • Assist in defining the roadmap for future work.
  • Surprise us! Use your unique ideas and abilities to change our GRC program in ways that we haven’t considered yet.

Of course what is outlined above is the ideal timeline, but things may shift based on business needs and other projects and tasks could be added at the discretion of your manager.

Our Benefits Program

We’re proud to regularly be recognized for our team, product and culture. Our benefits program includes:

  • Insurance and benefit options that are built for both individuals and families
  • Progressive policies to support work/life balance, like our flexible paid time off and parental leave program
  • High-quality and well-maintained equipment—your computer will never prevent you from doing your best
  • Wellness initiatives to ensure both health and mental well-being of our team
  • Ongoing education and development opportunities via our Grow@Sprout program and employee-led diversity, equity, and inclusion initiatives.
  • Growing corporate social responsibility program that is driven by the involvement and passion of our team members
  • Beautiful, convenient, and state-of-the-art offices in Chicago’s Loop and downtown Seattle, for those who prefer an office setting

Whenever possible, Sprout wants to provide our team with the flexibility to work in the location that makes the most sense for them. Sprout maintains a remote workforce in many places in the United States. However, we are not set up in all states, so please look at the drop-down box in our application to see whether your state is listed. Few roles require an office setting. If your position requires a physical presence in a Sprout office, it will be evident in the job listing and your offer letter.

Individual base pay is based on various factors, including work location, relevant experience and skills, the responsibility of the role, and job duties/requirements. In the United States, we have two geographic pay zones. For this role, our current base pay ranges for new hires are:

  • Zone 1 (New York, California, Washington): $81,048 (min), $101,300 (mid), $121,572 (max) USD annually
  • Zone 2 (All other US states): $73,700 (min), $92,100 (mid), $110,500 (max) USD annually

The listed ranges represent the full earning potential in this position. Starting salaries for well-qualified new hires are typically around the midpoint of the range. These ranges were determined by a market-based compensation approach; we used data from trusted third-party compensation sources to set equitable, consistent, and competitive ranges. We also evaluate compensation bi-annually, identify any changes in the market and make adjustments to our ranges and existing employee compensation as needed.

Base pay is only one element of an employee’s total compensation at Sprout. Every Sprout team member has an opportunity to receive restricted stock units (RSUs) under Sprout’s equity plan. Employees (and their dependents) are covered by medical, dental, vision, basic life, accidental death, and dismemberment insurance, and Modern Health (a wellness benefit).  Employees are able to enroll in Sprout’s company’s 401k plan, in which Sprout will match 50% of your contributions up to 6% with a maximum contribution. Sprout offers “Flexible Paid Time Off” and ten paid holidays. We have outlined the various components to an employee’s full compensation package here to help you to understand our total rewards package.

Sprout Social is proud to be an Equal Opportunity Employer. We do not discriminate based on identity - race, color, religion, national origin or ancestry, sex (including sexual identity), age, physical or mental disability, pregnancy, veteran or military status, unfavorable discharge from military service, genetic information, sexual orientation, marital status, order of protection status, citizenship status, arrest record or expunged or sealed convictions, or any other legally recognized protected basis under federal, state, or local law. Because Sprout Social is a federal contractor, we affirmatively recruit individuals with a disability and protected veterans. Learn more about our commitment to diversity, equity and inclusion in our latest DEI Report.

If you require a reasonable accommodation for any part of the interview process or to submit your application, please email us at [email protected]. Include the nature of your request and your preferred contact information. We’ll do everything we can to support your success during our recruitment process while upholding your privacy. Please note that only inquiries regarding accommodations will receive a response from this email address; other inquiries will not be addressed (e.g., you send your resume but are not requesting an accommodation).

For more information about our commitment to equal employment opportunity, please click here (1) Equal Opportunity Employment Poster and (2) Sprout Social’s Affirmative Action Statement.

When you apply for employment with Sprout Social, we will process your job applicant data, including your employment and education history, transcript, writing samples, and references as necessary to consider your job application for open positions. Your personal data will be shared with Greenhouse Software, Inc., and Crosschq, Inc., cloud services providers located in the United States of America and engaged by Sprout Social to help manage its recruitment and hiring process on Controller’s behalf. Accordingly, if you are located outside of the United States, by clicking “Submit Application” on this site, you consent to the transfer of your personal data to the United States. For more information about our privacy practices please visit our Privacy Policy. California residents have additional rights and should review the Additional Disclosures for California Residents section in our Privacy Policy.

Additionally, Sprout Social participates in the E-Verify program in certain locations, as required by law.

#LI-REMOTE

Share this job:
Please let Referrals.com know you found this job on Remote First Jobs 🙏

Similar Remote Jobs

Referrals.com logo

Referrals.com

  • 55 remote jobs

Latest Jobs at Referrals.com

Benefits of using Remote First Jobs

Discover Hidden Jobs

Unique jobs you won't find on other job boards.

Advanced Filters

Filter by category, benefits, seniority, and more.

Priority Job Alerts

Get timely alerts for new job openings every day.

Manage Your Job Hunt

Save jobs you like and keep a simple list of your applications.

Search remote, work from home, 100% online jobs

We help you connect with top remote-first companies.

Search jobs

Hiring remote talent? Post a job

Frequently Asked Questions

What makes Remote First Jobs different from other job boards?

Unlike other job boards that only show jobs from companies that pay to post, we actively scan over 20,000 companies to find remote positions. This means you get access to thousands more jobs, including ones from companies that don't typically post on traditional job boards. Our platform is dedicated to fully remote positions, focusing on companies that have adopted remote work as their standard practice.

How often are new jobs added?

New jobs are constantly being added as our system checks company websites every day. We process thousands of jobs daily to ensure you have access to the most up-to-date remote job listings. Our algorithms scan over 20,000 different sources daily, adding jobs to the board the moment they appear.

Can I trust the job listings on Remote First Jobs?

Yes! We verify all job listings and companies to ensure they're legitimate. Our system automatically filters out spam, junk, and fake jobs to ensure you only see real remote opportunities.

Can I suggest companies to be added to your search?

Yes! We're always looking to expand our listings and appreciate suggestions from our community. If you know of companies offering remote positions that should be included in our search, please let us know. We actively work to increase our coverage of remote job opportunities.

How do I apply for jobs?

When you find a job you're interested in, simply click the 'Apply Now' button on the job listing. This will take you directly to the company's application page. We kindly ask you to mention that you found the position through Remote First Jobs when applying, as it helps us grow and improve our service 🙏

Apply now