GoTo logo
GoTo

Making IT easy, anywhere.

GRC Compliance Analyst

ComplianceComplianceFull TimeRemoteSeniorTeam 1,001-5,000Since 2000H1B SponsorCompany SiteLinkedIn

Location

Hungary

Posted

2 days ago

Salary

0

Seniority

Senior

Bachelor Degree3 yrs expEnglishCloudSDLC

Job Description

GRC Compliance Analyst

GoTo

• Coordinating audits across ISO 27001, SOC 2, PCI-DSS, HIPAA, NIS2, SOX, and C5, including managing auditor relationships, driving evidence collection, and tracking remediation activities to completion. • Performing control assessments and testing across technical and administrative domains, partnering with engineering and security teams to evaluate control design and effectiveness. • Partnering with Engineering, Security, IT, and Product stakeholders to understand technical architectures and translate them into audit-ready control narratives. • Leveraging AI tools, automation, and emerging technologies to streamline evidence collection, control testing, and reporting activities. • Administering and enhancing GRC platforms while developing metrics and dashboards that provide visibility into compliance posture and control effectiveness.

Job Requirements

  • 3+ years of experience in information security compliance, audit, or risk management within a technology environment.
  • Strong understanding of cloud architecture, IAM, infrastructure, and SDLC controls, enabling effective collaboration and communication with technical teams.
  • Experience working with one or more compliance frameworks, such as ISO 27001, SOC 2, PCI-DSS, HIPAA, NIST 800-53, and NIS2.
  • Strong audit communication skills: you know how to manage auditors, push back when evidence requests are out of scope, and defend a control position when you're right.
  • Interest in leveraging technology and AI tools to improve productivity and streamline compliance activities.
  • Bonus Qualifications
  • Experience with compliance automation, continuous monitoring initiatives, or GRC platform development.
  • Experience with platforms such as Thoropass, AuditBoard, or Drata.
  • Experience building AI-driven workflows or automations that reduce compliance toil.
  • Experience integrating GRC tooling with engineering, cloud, identity, or monitoring platforms.
  • Experience implementing continuous assurance capabilities.

Benefits

  • Comprehensive health benefits
  • Generous paid time off, including paid holidays, volunteer days, quarterly self-care days, and company-designated no-meeting days
  • Tuition reimbursement and access to instructor-led and on-demand learning and development programs
  • The Thrive Global Wellness Program, a confidential Employee Assistance Program (EAP), a wellness app and one-on-one wellness coaching
  • Employee-led communities and programs, including Employee Resource Groups (ERGs), GoTo Gives, and charitable matching

Related Categories

Related Job Pages

More Compliance Jobs

Tolmar logo

Senior Analyst, Compliance

Tolmar

Science-driven and patient-inspired.

Compliance2 days ago
Full TimeRemoteTeam 1,001-5,000Since 2007H1B Sponsor

Role Description The person in this role will have responsibility to support the Compliance function (compliance and ethics) at Tolmar. This will include ensuring business conduct is in accordance with Tolmar’s compliance framework and ensuring overall compliance with laws, regulatory requirements, policies, and procedures. The position contributes to a culture of compliance and integrity and supports continued improvement of the defined programs established by the Compliance organization. The role will closely work with both the Vice President, Compliance and the Deputy Compliance Officer to manage systems and reporting processes as we continually enforce the overall Compliance program and culture at Tolmar. - Serve as the system administrator for various Compliance systems including primary coordinator for business processes involving healthcare professional services engagements and related third-party activities, Conflict of Interest, and Investigations Database. - Conduct initial review, intake, and triage of requests and inquiries submitted to Compliance, ensuring appropriate routing, documentation, and follow-up. - Review and support approval of fair market value assessments and related compliance documentation. - Support compliance auditing and monitoring activities, including audit planning, documentation, findings tracking, remediation support, and continuous improvement of audit tools and templates. - Maintain and update compliance policies, procedures, and related systems to support alignment with applicable laws, regulations, and company requirements. - Support business owners with aggregate spend and state reporting processes, including document review, data validation, and coordination of reporting requirements. - Develop and maintain compliance tools, resources, and portal content to support field teams and broader business stakeholders. - Support administration of Compliance programs, policies, and processes, including training, disclosures, conflicts of interest management, compliance concern intake, corrective action tracking, and related documentation. - Provide operational support for the continued development, implementation, monitoring, and maintenance of Compliance Operations in accordance with Tolmar’s compliance framework. - Leverage data for compliance monitoring, risk assessment, and reporting activities. - Assist with updates to the compliance plan and related program documentation, as directed by Compliance leadership. - Serve as a first-line resource for the Compliance inbox by responding to routine questions, triage matters appropriately, and escalating issues as needed. - Perform other related duties as assigned. Qualifications - Excellent interpersonal, verbal and written communication skills, including adjusting content and style for various audiences. - Ability to be flexible and adjust based on the evolving business and Ethics & Compliance priorities. - Inquisitive and open minded – Ability to learn, understand and guide to bring the best solution or alternatives that supports an efficient and effective Compliance program. - Working knowledge of MS Word, Power Point, Excel, and Outlook. - Experience with use of analytics tools (e.g., Tableau, PowerBI, Qlik), systems and structures that facilitate an efficient and effective compliance program. - An understanding of business objectives and strategies and how those translate to OEC priorities in order to advise and partner with the business. - Good understanding Pharmaceutical and Medical Device commercial operations and the laws, regulations and guidance applicable to the industry (e.g., Food, Drug and Cosmetic Act and of the roles and authority of government agencies and industry partners, PhRMA, FDA, OIG, PDMA, Affordable Care Act, PDMA, ACCME, etc.) Requirements - Bachelor’s Degree required, advanced degree a plus. - 3+ years Compliance or transferable pharmaceutical and life sciences industry experience. Benefits - Competitive and inclusive medical, dental, and vision coverage options. - Flexible Spending Accounts for medical expenses and dependent care expenses. - HSA through our HDHP. - CompleteCare reimburses you and your dependents for eligible health care expenses and premium expenses incurred under alternate group health coverage. - Generous 401K match - currently match 100% of your contributions up to the first 6% of compensation and 50% from 7%-12%, but never greater than 9%. - Tolmar-paid Life, LTD, and STD insurance coverages, as well as voluntary benefit options. - Employee Assistance Plan, Legal Guidance, and Funeral Planning & Concierge Services. - Adoption and family-planning benefits. - Fertility and Family Forming Benefits. - Generous paid time off, including vacation, sick time, and holidays. - Volunteer time to participate in your community. - Discretionary year-end shutdown.

United States
$95K - $120K / year
Full TimeRemoteTeam 51-200

Role Description The Compliance & Risk Lead serves as the central point of coordination for Panorama Global’s day-to-day compliance and risk environment. This role is responsible for actively monitoring the organization’s operational exposure, triaging and responding to emerging issues, and ensuring ongoing adherence to statutory, regulatory, and governance requirements across a complex, multi-entity structure. This is a hands-on, operational role focused on real-time visibility, responsiveness, and follow-through. The compliance & risk lead maintains the systems, policies, processes, and relationships needed to ensure the organization is compliant, protected, and able to respond quickly to evolving risks. Working across Panorama Global and affiliated entities, this role partners closely with Finance, Business Strategy & Operations, Grants & Contracts, Social Impact, and the People & Culture Team to ensure compliance and risk management are embedded in how work actually happens. This position is remote-eligible and open to applicants nationwide; however, preference will be given to candidates based in Seattle or New York who can work in a hybrid capacity. Core Responsibilities - Ongoing Risk Monitoring & Exposure Management - Continuously monitor the organization’s operational risk and compliance environment across functions and entities. - Maintain and evolve dashboards, registers, and tracking tools that reflect the organization’s current exposure in real time. - Maintain visibility into emerging risks, gaps, and exposure areas to ensure they are identified early and addressed proactively. - Track and manage risk and compliance issues through resolution, ensuring clear ownership and follow-through. - Serve as a point of contact for risk and compliance-related questions, issues, and escalations across the organization. - Triage incoming issues and questions, assess risk level, and determine appropriate response or escalation path to the appropriate subject matter expert. - Coordinate cross-functional responses to compliance and risk issues, including engaging legal counsel as needed. - Provide practical guidance to teams navigating compliance requirements, balancing risk with operational needs. - Statutory & Regulatory Compliance - Own and maintain all organizational statutory compliance requirements, including: - Corporate/entity registrations and renewals - Federal, state, and local filings - Annual reports and required disclosures - Maintain related compliance calendars and ensure all filings are completed accurately and on time. - Act as the system of record for organizational compliance obligations and documentation. - Legal Entity Compliance & Global Oversight - Monitor corporate compliance across multiple legal entities, including domestic and international structures. - Ensure each entity remains in good standing and compliant with applicable regulatory requirements. - Coordinate global compliance requirements, partnering across department functions, with projects, and external advisors as needed. - Governance & Enterprise Risk Support - Support organizational governance processes related to risk and compliance, including: - Annual enterprise risk assessment - Board and Audit & Finance Committee reporting - Ongoing risk visibility for leadership - Maintain and evolve risk registers and support leadership in understanding organizational risk posture. Supporting Responsibilities - Develop and maintain key compliance-related policies (data protection, record retention, internal controls, etc.). - Ensure policies are operationalized and adopted across teams. - Serve as point of contact for data privacy compliance (e.g., GDPR, CCPA). - Coordinate with internal and external stakeholders on data protection practices. - Support administration of insurance programs and alignment with organizational risk exposure. - Support crisis management and business continuity efforts from a compliance and risk perspective. Organizational Engagement & Participation Actively embodies Panorama's values and contributes to a healthy, mission-driven culture — participating in team and organizational initiatives, engaging across the organization, and representing Panorama with credibility externally. Brings curiosity and a continuous improvement mindset to their work, identifying opportunities to strengthen processes, practices, and knowledge sharing. Maintains personal compliance with all applicable laws, organizational policies, and regulatory requirements. Provides timely, accurate inputs to organizational systems, reporting, and co-design efforts as needed. Qualifications - 6–8+ years in compliance, risk, insurance, legal operations, audit, or similar roles. - Strong experience managing statutory compliance and filings across multiple jurisdictions. - Experience operating in multi-entity and/or global environments. - Ability to assess risk quickly and make practical, defensible decisions. - Acts as central escalation point for enterprise compliance issues spanning multiple teams or functions. - Strong organizational systems mindset (tracking, dashboards, registers—not just strategy). - Familiarity with nonprofit compliance (501(c)(3), grant requirements) preferred. - Knowledge of data privacy regulations (GDPR, CCPA) preferred. Compensation & Benefits The starting salary for this role is $105,000-$110,000. When determining an initial offer, we carefully consider these factors: candidate skills and experience; room for growth within the band; and internal equity across the team. - Flexible paid time off - 10 paid holidays per year, plus an organization-wide Winter Break - Up to 95% employer-paid monthly premiums for employee medical coverage (depending on plan selected) - 401(k) safe harbor plan, with employer contribution equal to 3% of salary with immediate vesting - Up to 12 weeks fully paid family/medical leave (eligible after 1 year of employment) - ... And more! How to Apply Interested candidates should submit a resume and cover letter through our Careers Page Portal at panoramaglobal.applytojob.com/apply . Applications will be reviewed on a rolling basis; the position will stay open until filled. Panorama is committed to creating a diverse team and is proud to be an equal opportunity employer. We know that representation matters in the workplace and with our partners; to that end, we are committed to a hiring process grounded in equity and inclusion. All qualified applicants will receive consideration without regard to race, color, religion, citizenship or immigration status, national origin, caste, genetic information, gender identity, gender expression, sexual orientation, marital status, veteran status, political ideology, the presence of any physical, mental, or sensory disability, age, or any other status or characteristic protected by federal, state, or local law. Panorama complies with federal and state disability laws and makes reasonable accommodations for applicants and employees with disabilities. If reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please contact our People & Culture team. In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification form upon hire. Panorama participates in the federal E-Verify system. The final offer will be contingent on a successful background check.

United States
$105K - $110K / year
Coinbase logo

Compliance, Threat & Risk Assessment Manager

Coinbase

We're building an open financial system for the world.

Compliance2 days ago
Full TimeRemoteTeam 1,001-5,000Since 2012H1B Sponsor

• Manage enterprise-wide compliance risk assessments, including inherent risk identification, control evaluation, residual risk determination, and articulation of key findings and risk themes • Partner with MLROs, CCOs, and cross-functional stakeholders across Coinbase legal entities to deliver globally coordinated, locally relevant risk assessment outcomes • Produce risk assessment reports, executive summaries, and governance materials for senior leadership, risk forums, and regulatory audiences • Drive transaction monitoring and customer risk scoring coverage assessments and lead geographic risk rating updates ensuring ratings are current, risk-based, and operationally actionable • Develop a compliance threat assessment framework including governance, methodology, documentation standards, and ongoing maintenance • Pioneer AI-powered automation to scale assessment workflows, demonstrating high AI fluency while maintaining rigorous human judgment and oversight

United States
$162.0K - $190.6K / year

Deliverability Specialist

Hightouch

Hightouch, established in 2020, is a rapidly growing company specializing in data activation solutions. The company fosters a culture emphasizing continuous amb

Compliance2 days ago

Role Description Deliverability Advisor: - Serve as a knowledgeable resource for teams and customers navigating email deliverability challenges, building trust through consistent, sound guidance. Migration Management: - Guide high-volume senders through migrations, managing IP warm-up and transitions with care to protect sending reputation. ISP Relations: - Build and maintain relationships with Internet Service Providers (ISPs) to support strong deliverability outcomes for senders. Performance Analysis: - Conduct deliverability assessments and deliver clear, actionable reporting following the warm-up phase. Strategic Improvement: - Provide guidance and recommendations to help improve deliverability performance over time. Enablement: - Help build understanding of deliverability best practices across internal teams and with external customers. Product Collaboration: - Partner with engineering and product teams to support customer success and inform product direction. Qualifications - 5 -10 years of experience in email deliverability, messaging infrastructure, or a closely related technical discipline (e.g., ESP/ISP relations, sending infrastructure, trust & safety for messaging platforms). - This is a foundational hire for our deliverability function. We're looking for someone who has ideally built or scaled deliverability practices before, not just operated within an existing playbook. - Working knowledge of email deliverability fundamentals, including authentication protocols (SPF, DKIM, DMARC), IP and domain reputation, and how ISPs evaluate inbox placement. - Experience managing or supporting IP warm up processes and sender reputation through migrations or platform transitions. - Comfort analyzing deliverability data (bounce rates, complaint rates, engagement metrics) and translating findings into clear recommendations. - Strong written and verbal communication skills, with the ability to explain technical concepts to both technical and non-technical audiences. - Ability to manage multiple customer situations at once, prioritizing based on urgency and impact. - Experience establishing processes, documentation, or best practices in a technical specialty area, whether as a first hire, early team member, or practice lead. - We are looking for talented, intellectually curious, and motivated individuals who are interested in tackling the problems above. We focus on impact and potential for growth more than years of experience. Requirements - The salary range for this position is $160,000 - $200,000 USD per year. E-Verify Statement - Hightouch participates in E-Verify. After you join the team, we'll verify your eligibility to work in the U.S. by submitting information from your Form I-9 to the Social Security Administration and, if needed, the Department of Homeland Security. This process happens post-hire only — we never use E-Verify to pre-screen applicants.

United States
$160K - $200K / year