GRC Analyst, Third-Party Risk Management

📋 Description

• • Join Samsara, a pioneer in the Connected Operations™ Cloud, as a Governance, Risk, and Compliance (GRC) Analyst specializing in Third-Party Risk Management (TPRM). In this pivotal role, you will be instrumental in assessing and mitigating risks associated with our third-party vendors, ensuring the security and integrity of Samsara's operations. You will play a key part in building and refining automated workflows to support a rapidly scaling TPRM program, contributing directly to the company's mission of improving the safety, efficiency, and sustainability of the physical operations that power our global economy.
• • As a GRC Analyst, you will collaborate closely with various internal teams, including Legal, Procurement, and Engineering, to conduct comprehensive vendor risk assessments. Your responsibilities will include reviewing security certifications, penetration test results, and vendor policies to identify potential vulnerabilities and ensure compliance with Samsara's security standards. You will be a crucial link in ensuring that vendor risks are identified, documented, and effectively managed throughout their entire lifecycle.
• • A significant aspect of this role involves driving automation and efficiency within the TPRM program. You will leverage existing third-party tools and explore opportunities to develop native solutions that enhance the scalability of security reviews and reassessments. This proactive approach is essential as Samsara continues its hyper-growth trajectory and expands its digital transformation efforts across various industries.
• • You will work under the guidance of the local Senior Manager of Security Engineering, providing programmatic updates and communicating both program-level, third-party, and technical risks to the broader Information Security leadership team. This requires a strong ability to translate complex technical findings and requirements into clear, actionable business risks and recommendations for non-technical stakeholders.
• • The role demands a proactive and collaborative mindset. You will partner with Procurement, Legal, and Privacy teams to ensure a holistic approach to vendor risk management. Furthermore, you will champion and embody Samsara’s core cultural principles – Focus on Customer Success, Build for the Long Term, Adopt a Growth Mindset, Be Inclusive, and Win as a Team – fostering a culture of collaboration and continuous improvement as the company scales globally.
• • On a typical day, you might find yourself engaged in discussions with Samsara’s legal or procurement teams regarding an ongoing vendor review, actively building and refining AI-enabled workflows to scale the vendor risk program, or collaborating with engineering teams to gather essential evidence for an upcoming audit. This dynamic role offers a unique opportunity to make a tangible impact on industries that are fundamental to our global economy, from ensuring the continuity of essential services to enhancing worker safety.
• • This is a hybrid role based in Bengaluru, offering a unique opportunity to contribute to a company that is digitally transforming large sectors of the global economy. You will be part of a high-caliber team that encourages rapid career development, provides ample opportunities for experimentation, and fosters a supportive environment where you can master your craft and achieve significant professional growth.
• • Your efforts will directly contribute to Samsara's vision of digitizing industries like agriculture, construction, field services, transportation, and manufacturing. By ensuring the security and reliability of our third-party relationships, you will help maintain the infrastructure that powers our planet and ensures that workers return home safely. This role is ideal for individuals who are energized by ambitious opportunities and are eager to architect their own career path within a hyper-growth, publicly traded company.
• • You will be responsible for supporting the creation and maintenance of risk registers, compliance inventories, and control mappings across both internal and external systems. This involves a deep understanding of vendor integration risks and permission scoping across various SaaS platforms such as Slack, Google Workspace, and Salesforce.
• • The ideal candidate will possess a strong understanding of common GRC and procurement platforms like Zip and Vanta, and experience in creating automated workflows. Prior assessment experience within the Software-as-a-Service (SaaS) industry is highly desirable, as is the ability to manage high volumes of vendor requests and competing priorities effectively.
• • By joining Samsara, you will be part of a team that celebrates wins together, supports each other, and is committed to building for the long term. This role offers the chance to make a significant impact, grow your career, and contribute to a company that is shaping the future of physical operations.