GRC Senior Analyst

📋 Description

• • As a GRC Senior Analyst at Notion Labs, Inc., you will play a pivotal role in safeguarding the integrity, security, and trustworthiness of our rapidly expanding platform, which is relied upon by millions of users worldwide.
• • This position is instrumental in building and maturing Notion's Information Security posture by focusing on governance, risk management, and compliance (GRC).
• • You will be a key partner to various teams across the organization, collaborating to envision, plan, and implement robust security frameworks.
• • A core responsibility will be to coordinate the meticulous collection of evidence required for various compliance frameworks, including SOX ITGCs, SOC 2 Type II, ISO, HIPAA, and BSI C5.
• • You will manage timelines effectively with internal partners, ensuring timely and accurate submissions to support these critical audits.
• • This role involves actively contributing to the improvement and maintenance of essential information security policies, controls, procedures, and standards that govern our processes, applications, and infrastructure.
• • You will leverage and help develop custom AI agents and automation solutions to enhance the scalability and maturity of our Security GRC programs.
• • Specific automation efforts will focus on streamlining evidence collection, optimizing control monitoring workflows, and generating comprehensive reports.
• • You will contribute to the development and refinement of dashboards and key metrics, providing clear visibility into compliance status and audit readiness for stakeholders.
• • A significant aspect of the role will be the implementation and expansion of our continuous control monitoring initiatives, utilizing our compliance automation tool to ensure ongoing adherence to security standards.
• • You will proactively identify gaps and weaknesses within our existing security controls.
• • Subsequently, you will collaborate closely with engineering, product, and other cross-functional teams to design and implement solutions that strengthen these controls and mitigate potential risks.
• • The role demands a strong understanding of the GRC domain and its critical importance in maintaining organizational security and user privacy.
• • You will gain hands-on experience with cloud technologies such as AWS and security posture management tools like Wiz, understanding their implications for risk and compliance.
• • A key part of your contribution will be to communicate complex security and compliance concepts clearly and concisely to a diverse range of stakeholders, including technical and non-technical audiences.
• • You will embody a collaborative spirit, thriving in an environment where cross-functional teamwork is essential for achieving shared objectives.
• • A commitment to continuous learning, professional growth, and fostering a supportive environment for colleagues is highly valued.
• • While not requiring deep AI expertise, you will be expected to demonstrate curiosity and a willingness to adopt and integrate AI tools to enhance efficiency and improve outcomes in your GRC responsibilities.
• • This role offers a unique opportunity to shape the security and compliance landscape of a fast-growing, innovative technology company.
• • You will be at the forefront of ensuring Notion continues to be a trusted platform for its global user base.
• • The impact of your work will directly contribute to maintaining user confidence and enabling the continued innovation and expansion of Notion's product offerings.
• • You will be part of a team dedicated to building a secure and compliant future for Notion's users and the company itself.
• • This position requires a proactive approach to identifying and addressing security risks and compliance requirements in a dynamic technological environment.
• • You will contribute to the development of a robust security culture throughout the organization.
• • The role involves staying abreast of evolving regulatory requirements and industry best practices in GRC.
• • You will assist in the development and delivery of GRC-related training and awareness programs.
• • Your efforts will directly support Notion's commitment to providing a secure, consistent, and trustworthy user experience.
• • This is an exciting opportunity to leverage your GRC expertise in a company that values innovation and user trust above all else.