Governance, Risk, and Compliance Analyst

You.com

GRC Analyst managing compliance programs across security, legal, and product teams for AI systems. Ensuring customer trust and adherence to regulatory requirements at You.com.

Posted 6/24/2026 • full-time • San Francisco • California • 🇺🇸 United States • Mid-Level • Senior • 💰 $150,000 - $180,000 per year

About the role

Key responsibilities & impact
  • Own and manage compliance programs across frameworks including SOC 2, ISO 27001, GDPR, CCPA, HIPAA, and FedRAMP
  • Coordinate audit activities end-to-end: evidence collection, documentation, auditor responses, and remediation tracking
  • Leverage AI and other tools to deliver metrics that stakeholders can consume and understand
  • Conduct vendor and third-party risk assessments; manage the due diligence lifecycle for new and existing partners
  • Help manage security and risk reviews (e.g. DDQs, VSQs) as part of the procurement process in collaboration with the Legal, Finance, and Security teams
  • Assist with building and maintaining compliance policies, procedures, and supporting documentation for security and compliance
  • Translate regulatory and contractual requirements into actionable controls and processes
  • Monitor the evolving regulatory landscape (especially AI-specific regulations) and flag relevant obligations
  • Support Privacy-by-Design reviews for new product features and data practices
  • Track open compliance items and proactively drive them to closure across stakeholders

Requirements

What you’ll need
  • 3–5 years of experience in GRC, Information Security compliance, or a related field
  • Hands-on experience with SOC 2 or ISO 27001 audits, including evidence collection and gap assessments
  • Familiarity with privacy regulations: GDPR, CCPA, and ideally emerging AI regulatory frameworks (EU AI Act, etc.)
  • Experience managing vendor risk assessments and third-party due diligence processes
  • Strong written and verbal communication skills. You can explain compliance requirements to engineers and legal concepts to product managers
  • Highly organized, able to manage multiple workstreams and deadlines without dropping the ball
  • Comfortable working independently in a fast-paced environment with limited process overhead
  • Leverage AI to help build automation and data analysis workflows for reporting and tracking

Benefits

Comp & perks
  • Hubs in San Francisco and New York City offering regular in-person gatherings and co-working sessions
  • Flexible PTO with U.S. holidays observed and a week-long shutdown in December to rest and recharge*
  • A competitive health insurance plan that covers 100% for the policyholder and 75% for dependents*
  • 12 weeks of paid parental leave in the US*
  • 401k program, 3% match - vested immediately!*
  • $500 work-from-home stipend to be used within a year of your start date*
  • $600 technology stipend to support a portion of our hybrid/remote team's cell phone and internet expenses*
  • $1,200 per year Health & Wellness Allowance to support your personal goals*
  • The chance to collaborate with a team at the forefront of AI research

ATS Keywords

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
GRC, Information Security compliance, SOC 2, ISO 27001, GDPR, CCPA, vendor risk assessments, third-party due diligence, evidence collection, gap assessments
Soft Skills
written communication, verbal communication, organizational skills, independent work, time management, stakeholder management, problem-solving, collaboration, attention to detail, adaptability