Apply on Employer Site

Mozilla · 3 months ago

Senior Staff Analyst, GRC

United States

Full-time

Remote

Senior Level, Lead/Staff

$178K/yr - $259K/yr

10+ years exp

Mozilla Corporation is a non-profit-backed technology company that has shaped the internet for the better over the last 25 years. The Senior Staff Analyst, GRC role is responsible for defining, developing, and helping implement a Governance, Risk, and Compliance framework for both Enterprise and Product verticals, ensuring alignment with security, privacy, regulatory, and risk management initiatives.

Browser ExtensionsInternetOpen SourceSoftwareWeb Browsers

Comp. & Benefits

Responsibilities

Develop and maintain a comprehensive GRC strategy and roadmap aligned with business objectives

Lead the creation and enforcement of standards, policies, controls, audits, reporting across various enterprise and product verticals

Develop and operationalize a risk assessment and management framework on a periodic basis to enable prioritization and remediation of critical issues

Define and deliver measurable scorecards and metrics to enable data driven decision making

Ensure compliance with various regulatory standards and frameworks ( ISO, NIST, SOC2, CCPA, GDPR, etc)

Lead internal and external audit activities including tracking and resolving deficiencies and remediations

Partner closely with Legal / IT / Finance / Security to align on the GRC program and deliver a cohesive integrated risk management framework

Led defining requirement and reporting (scorecards) of data life cycle management across enterprise and product domains working with data platform and legal team

Qualification

GRC framework developmentRegulatory compliance knowledgeRisk management frameworkIndustry certificationsCross-functional collaborationRoot Cause AnalysisStakeholder engagementData-driven decision makingCritical thinking

Required

10+ years of progressive experience in developing and delivering an integrated GRC framework

Strong understanding and deep knowledge of regulatory frameworks, processes and tools related to building a robust GRC framework

Experience leading and delivering cross functional requirements for product & enterprise teams to implement controls and measures to meet compliance requirements

Relevant industry certifications (CISA, CISSP, CISM, CRISC, etc)

Hands-on understanding of using various technology and tools (SEIM, BI Tools)

Ability to develop Root Cause Analysis (RCA) and remediation plans to resolve risk deficiencies working with respective stakeholder teams

Strong critical thinking skills with the ability to drive long term organizational impact

A background that demonstrates a bias for action and the ability to navigate constraints in order to achieve business outcomes

Ability to collaborate and influence a diverse group of stakeholders to address cross-functional challenges and lead change