Governance, Risk and Compliance, Analyst

Spotnana

1d•$60,000 - $90,000•Remote

About The Position

We are Spotnana. We’re on a mission to modernize the infrastructure of the $1.4 trillion travel industry to power the perfect trip for travelers everywhere. Our Travel-as-a-Service platform is designed to make every trip better, whether you’re booking for work, building a travel tool, or looking to offer personalized experiences at scale. But we’re not just modernizing tech, we’re rethinking how the industry works. And to get there, we’re bringing together innovative, ambitious, and open-minded people who want to build something that lasts. At Spotnana, our values and principles guide how we work and grow together: Build the future – We are leaders, we are innovators, we are ambitious. Commit to excellence – We’re accountable, we are partners, we are agile. Stronger together – We lead with respect and integrity, we are inclusive, we are lifelong learners. Spotnana has a rapidly maturing Governance, Risk, and Compliance program supporting multiple industry standards. The GRC Analyst will be positioned to gain practical experience in facilitating PCI, ISO, and SOC audits, conducting risk assessments, and implementing automated processes to scale our compliance efforts.

Requirements

Working knowledge of information security and compliance frameworks, such as SOC 2, ISO 27001, PCI-DSS
Proven understanding of cloud infrastructure and services (AWS)
Excellent written and verbal communication skills, including the ability to translate technical jargon into meaningful action items and knowledge base articles
Proven ability to collaborate with cross-functional teams to implement effective solutions
Desire to grow technical skills to support GRC work (think Python coding, AWS training)
Demonstrated ability to focus on priority tasks during periods of high volume inbound requests
1-2 years of experience in developing and executing governance, risk, and compliance processes and functions

Responsibilities

Customer Assurance: Assist with questionnaire responses and Trust Center management
Third-party Risk: Assist with vendor risk assessments
Audits: Assist with evidence collection during audit cycles
Compliance Activities: Oversee or conduct scheduled user access reviews, incident and disaster recovery exercises, and ad-hoc audits of specific processes and systems.
Continuous Improvement: Participate in project work to improve the maturity of the ISMS program, supporting processes, and automations.

Benefits

Spotnana strives to offer fair, industry-competitive, and equitable compensation. Our approach assesses total compensation, including cash, annual performance bonus, company equity, and comprehensive benefits.
Pre-tax and ROTH 401(k) options via Fidelity with up to a 4% company match
Comprehensive benefit plans covering medical, dental, vision, life, and disability effective on your hire date. We cover 100% of your employee premiums and 85% of your eligible dependents
Pre-tax flexible spending account options for health, dependent care and commuter expenses
Flexible PTO in addition to 10 company holidays, and an end-of-year company shutdown
Up to 26 weeks of parental leave
Monthly cell phone/internet stipend
Extra perks — IATAN travel membership, pet insurance, financial wellness tools, Calm app access, and more

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume