Samsara

Governance, Risk, and Compliance Analyst

full-time

Location Type: Remote

Location: Remote • Alaska, California, Connecticut, Maryland, Massachusetts, New Jersey, New York, Rhode Island, Washington • 🇺🇸 United States

Salary

💰 $87,762 - $118,000 per year

Job Level

Mid-Level, Senior

About the role

  • Communicate the current status of vendor and third-party risks to senior management
  • Support security audit efforts around SOC 2, ISO 27001, FedRAMP, and other related compliance frameworks
  • Champion, role model, and embed Samsara’s cultural principles as we scale globally and across new offices
  • Drive automation and efficiency in the TPRM program through the use of third parties and the creation of native solutions, ensuring security reviews and reassessments scale with company growth.
  • Partner with Procurement, Legal, and Privacy to ensure vendor risks are identified, documented, and mitigated throughout the vendor lifecycle.

Requirements

  • 3+ years of experience in the governance, risk, and compliance space
  • Experience implementing or maintaining vendor-risk programs
  • Experience performing security and maturity assessments
  • Experience supporting the creation or maintenance of risk registers, compliance inventories, and control mappings across internal and external systems
  • Ability to work with systems teams to collaboratively implement security controls across a diverse range of systems, such as Okta, Netsuite, Salesforce, and internal tooling
  • Professional experience coordinating and interacting with external auditors, internal engineering teams, business stakeholders, senior leadership, and security operations teams on procurement activities, audit controls and compliance requirements
  • Experience conducting vendor risk assessments, including reviewing security certifications, penetration tests, and policies.
  • Strong understanding of vendor integration risks and permission scoping across SaaS platforms (e.g., Slack, Google Workspace, and Salesforce)
  • Ability to translate complex technical findings and requirements into clear business risks and requirements to non-technical stakeholders.

Benefits

  • Competitive total compensation package
  • Employee-led remote and flexible working
  • Health benefits
  • Professional development opportunities

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills
vendor-risk programs, security assessments, risk registers, compliance inventories, control mappings, security controls implementation, vendor risk assessments, security certifications review, penetration tests, permission scoping
Soft skills
communication, collaboration, leadership, problem-solving, translating technical findings, stakeholder interaction, organizational skills, cultural principles advocacy, automation drive, efficiency improvement
Certifications
ISO 27001, FedRAMP