GRC Analyst

Описание вакансии

We’re proud to be trusted by some of the largest companies in the world to handle their Salesforce DevOps. Underpinning that trust is a commitment to protect their data through our modern approach to security and compliance. As we grow into increasingly regulated sectors, ensuring our global compliance standards are met is more important than ever.

This is a fantastic opportunity to kickstart or progress your career in Governance, Risk, and Compliance (GRC) within the tech sector. Reporting to the Legal and Compliance Manager, you will get hands-on exposure to customer assurance, information security audits, data protection, and additional international frameworks. As an early hire in this function, you’ll have a clear path to specialise as the team grows.

What’s the opportunity for a GRC Analyst at Gearset?

• Partner with our GRC Manager to maintain our ISO 27001 certification and support compliance with global data protection regulations such as GDPR, CCPA, and HIPAA.
• Own the day-to-day response to customer security and compliance requests, ensuring our clients feel confident in how we handle their data.
• Coordinate and facilitate on managing GRC platforms, keeping our documentation current and finding ways to automate repeatable tasks.
• Play a key role in ISO 27001 Continuous Improvement (CI) activities and help prepare the business for internal and external audits.
• Assist in drafting and managing essential compliance policies, including Modern Slavery, AML and Anti-Bribery, ensuring they evolve with the company.
• Identify blockages in reviews and recommend ways to standardise documentation to help the company scale efficiently.

What you’ll achieve

• Develop a deep understanding of Gearset’s compliance and security posture to streamline customer onboarding and vendor reviews.
• Lead the automation of our compliance workflows, reducing manual overhead for the team.
• Play a key role in scaling our global compliance footprint by launching and embedding new international security standards as we grow.
• Gain the experience and support needed to pursue certifications in GRC, Information Security or Data Protection.

About you

• You have a passion for accuracy, especially when managing complex documentation and policies.
• You are comfortable learning about cloud software and can translate security and compliance concepts into clear, written responses.
• You can communicate professionally with both internal teams and external customers and vendors.
• You thrive in a fast-paced environment and are always looking for a more efficient way to get things done.
• Have degree in a relevant field such as Computer Science, or Cyber Security or equivalent foundational experience in a professional office environment.

Great to haves

• Knowledge of ISO 27001, GDPR, CCPA and HIPAA
• Experience using GRC or workflow tools
• An interest in DevOps or the Salesforce ecosystem

Benefits (the stuff you’d expect!)

• Salary is up to £45k (depending on experience)
• This role is based in our Cambridge office but with the flexibility to work from home when you need to
• Opportunity to join our Long Term Incentive scheme
• Generous personal development budget for courses, conferences, or whatever is useful to your professional development in the role of up to £1500 per year
• Top end hardware provided
• Free lunch any day you are in the office
• BUPA health care
• Life Insurance & critical illness cover
• Discounted gym membership, as well as a range of health and wellness benefits