
GRC Compliance Specialist
BusPatrol
full-time
Location Type: Office
Location: Austin • Texas • 🇺🇸 United States
Salary
💰 $110,000 per year
Job Level
Mid-Level, Senior
Tech Stack
AWS, Azure, Cloud, Cyber Security
About the role
- Operate ongoing engagements for BusPatrol’s SOC 2, PCI, CIS, and US State regulatory compliance and reporting frameworks, including evidence preparation, control walkthroughs, and auditor collaboration.
- Working across BusPatrol’s technology practice, assess cyber security controls in cloud environments to identify gaps, drift, and deviations from policies and internal standards.
- Recommend improvements and move the needle on appropriate mitigations to reduce exposures and update BusPatrol’s control fabric.
- Partner with internal control owners to document processes, remediate gaps, and maintain audit readiness, integrating compliance into how we operate.
- Collaborate with control owners to create automation across the audit lifecycle to streamline evidence management.
- Maintain compliance calendars, track milestones, and ensure timely submission of deliverables.
- This position will work closely with business units to integrate compliance controls and engagement timelines into operational planning, such as sprint cycles, ensuring alignment and accountability.
- Support privacy-by-design initiatives in collaboration with Product, Engineering, and Legal to integrate regulatory and privacy requirements into processes and platforms.
- Partner with the Legal team on litigation holds and eDiscovery support within the scope of state-level data privacy regulations.
- Maintain and update policies, standards, and procedures to align with evolving regulations and BusPatrol operations.
- Socialize across BusPatrol to gain buy-in and adoption.
- Manage enterprise risk via the risk management program, including risk register tracking to foster accountability and treatment on identified risks.
Requirements
- Demonstrated understanding of cloud computing services/deployment architecture (e.g., Azure, AWS).
- Experience working with frameworks and programs such as SOC2, FedRAMP, StateRAMP/GovRAMP, PCI, NIST CSF.
- Experience optimizing controls in a technology organization and delivering IT process improvement.
- Experience in continuous monitoring of cloud services and products, and edge hardware devices.
- Able to evaluate the design and effectiveness of IT controls.
- Direct experience in identifying, managing, monitoring, and reporting risks via POA&Ms.
- Hold an active industry certification such as CISSP, CISA, or CISM.
- Strong understanding of AI/ML technologies and data architectures.
- Experience with NLETs is a plus.
Benefits
- Competitive salary and benefits package
- Unlimited PTO
- A purpose-driven career, working to protect children and improve public safety
- The opportunity to participate in BusPatrol’s culture of safety, learning, and teamwork
- A team of innovators, committed to leveraging AI and smart technology for social good
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
cloud computing, SOC 2, PCI, CIS, NIST CSF, continuous monitoring, IT controls, risk management, data architectures, AI/ML technologies
Soft skills
collaboration, communication, organizational skills, problem-solving, accountability, process improvement, stakeholder engagement, audit readiness, buy-in, timely submission
Certifications
CISSP, CISA, CISM