Docker
Senior Compliance GRC Analyst
$147k - $184k
Remote, Canada, Mexico, United States

Overview

Docker is a remote-first company with employees across Europe, APAC and the Americas that simplifies the lives of developers who are making world-changing apps. We raised our Series C funding in March 2022 for $105M at a $2.1B valuation. We continued to see exponential revenue growth last year. Join us for a whale of a ride! Docker helps developers bring their ideas to reality by conquering the complexity of app development. We simplify and accelerate workflows with an integrated development pipeline and application components. A fast-growing startup, Docker offers a dynamic work environment.

Job Description

The Senior GRC Analyst will report to the Compliance Manager. This role will be responsible for helping execute our SOC 2 readiness assessment and external audit. This role will work closely with IT, Security and Compliance leadership to strategize and scope assessments, identify key risk areas, and establish baseline controls for continued growth and maturity. The analyst role will perform third-party supplier security assessments, as well as facilitate and coordinate responses for customer due diligence questionnaires. This role is cross-functional in nature, serving as a trusted advisor across the organization to improve Docker’s controls posture.

Responsibilities

  • Plan internal audits from start to finish, perform gap assessments and advise on gap closure, collect and review evidence, present evidence to auditors to make the case for compliance, and assist with interactions with external auditors
  • Establish strong partnerships with front line business partners and other stakeholders to ensure security program, policy and procedures are effective
  • Support the Compliance team in ensuring compliance with industry standards and privacy regulations
  • Serve as an advisor to engineering, IT, and business process teams to assist them in supporting compliance efforts
  • Draft policies and best practices that will be consumed by the entire organization
  • Maintain knowledge of certifications and controls such as SOC 2, ISO 27001 / ISO 27018, NIST 900-53, FedRAMP, IT SOX
  • Evaluate vendors against compliance and security standards
  • Assist in building out a risk and compliance control framework based on industry leading standards
  • Perform risk analysis for systems, processes, third-party tools/applications and configurations
  • Stay up to date on the latest cyber security best practices

Required Skills

  • Minimum 2 years of IT external or internal audit experience
  • Minimum 3 years of work experience in compliance or related field
  • Bachelor's degree in business, information systems, computer science, or relevant educational or professional experience
  • Experience performing vendor due diligence
  • Experience with information security principles/practices
  • Experience with privacy principles/practices
  • Experience with software development practices
  • Passionate about security, privacy, and compliance
  • Self-motivated, quick learner, fast researcher
  • Have experience with and are comfortable with a remote working environment
  • Public Accounting/Big 4 Consulting Experience is a plus
  • Technical information security experience
  • Experience with automating security monitoring functions using scripting
  • Industry relevant certifications such as CISSP, CISA, etc.

Benefits

  • Freedom & flexibility; fit your work around your life
  • Home office setup; we want you comfortable while you work
  • 16 weeks of paid Parental leave
  • Technology stipend equivalent to $100 net/month
  • PTO plan that encourages you to take time to do the things you enjoy
  • Quarterly, company-wide hackathons
  • Training stipend for conferences, courses and classes
  • Equity; we are a growing start-up and want all employees to have a share in the success of the company
  • Docker Swag
  • Medical benefits, retirement and holidays vary by country

About the company

Docker provides a suite of development tools, services, trusted content, and automations, used individually or together, to accelerate the delivery of secure applications.

