Doppler

Senior GRC Analyst


Senior GRC Analyst at Doppler, managing security and compliance programs and ensuring SOC 2 Type II and ISO 27001 certifications while collaborating across teams.

Posted 5/23/2026 • full-time • Remote • 🇺🇸 United States • Senior • 💰 $150,000 - $185,000 per year

Tech Stack

Tools & technologies
Cloud

About the role

Key responsibilities & impact
  • Maintain Doppler's SOC 2 Type II and ISO 27001 certifications end-to-end: evidence collection, control monitoring, audit coordination, and deficiency remediation
  • Lead the compliance work for our next certifications, including gap assessments, policy updates, and required documentation
  • Evaluate additional certifications and attestations on an ongoing basis as customer and market requirements evolve
  • Own day-to-day administration of our GRC platform (Vanta), including control mapping, evidence workflows, and audit readiness
  • Lead our security working group: facilitate regular risk identification sessions, policy updates, maintain the threat register, track remediation progress, and drive accountability across teams
  • Design and maintain security controls mapped to our chosen frameworks (SOC 2, ISO 27001, etc.), ensuring they're practical and consistently operating
  • Coordinate penetration testing cycles and work directly with engineering to track and close findings
  • Author and maintain security policies that are enforceable and grounded in regulatory requirements (GDPR, PCI, and others relevant to a secrets management provider)
  • Support business continuity and disaster recovery governance
  • Respond to security questionnaires and RFPs promptly and accurately
  • Participate in customer security reviews and calls; represent our compliance posture credibly to security teams, procurement, and compliance officers
  • Maintain public-facing trust documentation that reflects our actual program
  • Partner with sales on security-sensitive enterprise deals, especially in regulated industries or where compliance is a gating factor
  • Translate compliance status and risk posture into clear, non-jargon updates for leadership and cross-functional stakeholders
  • Lead security awareness and compliance training for internal teams
  • Influence engineering and product roadmaps where security controls intersect with product decisions

Requirements

What you’ll need
  • 5+ years in security, compliance, or GRC, with direct ownership of SOC 2 Type II and ISO 27001 programs in a cloud product environment where you've run audit cycles, not just supported them
  • Hands-on experience with Vanta (or a comparable GRC platform) and a genuine interest in automating compliance workflows rather than relying on spreadsheets
  • Technical fluency: you can read a pen test report, understand cloud architecture decisions, and have substantive conversations with engineers about control design and risk tradeoffs
  • Strong understanding of how auditors think, ideally from having been on the auditor side, or from running enough cycles that you've internalized their perspective
  • Familiarity with PCI DSS and GDPR requirements; experience with self-attestation or certification work is a strong plus
  • Experience supporting enterprise sales cycles where security is a procurement requirement, including responding to complex security questionnaires
  • Excellent communication skills across audiences. You can brief the CEO on risk posture and turn around and explain the same issue to an engineer in implementation terms
  • Relevant certifications (CISA, CISSP, CISM, CRISC, or equivalent) preferred.

Benefits

Comp & perks
  • Equity at an early-stage, fast-growing startup
  • Premium health insurance (medical, dental, vision)
  • Guilt Free Unlimited PTO - 3-week minimum strongly encouraged!
  • Upward Mobility
  • Learning and Development Stipend
  • Wealth Advisor
  • 401k
  • Pregnancy & Family Leave
  • Fertility & Adoption Benefits
  • Equal Compensation (regardless of gender or race)

ATS Keywords

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
SOC 2 Type II, ISO 27001, GRC, penetration testing, security policies, risk identification, control mapping, audit coordination, deficiency remediation, cloud architecture
Soft Skills
communication, leadership, accountability, collaboration, influence, training, facilitation, problem-solving, adaptability, presentation
Certifications
CISA, CISSP, CISM, CRISC