We’re looking for someone who:
— Embodies our EAGER values—is ethical, adaptable, gritty, empathetic, and remarkable.
— Has at least three years of experience implementing leading security standards and frameworks from scratch (such as ISO 270XX, SOC2, NIST).
— Has experience with ISO 27001 and SOC2 audits.
— Has ISO 27001 Lead Implementer or ISO 27001 Lead Auditor certification.
— Has deep knowledge of information security and IT auditing standards and approaches.
— Has knowledge of cloud infrastructure and security.
— Is familiar with the agile SDLC and the applicability of security compliance requirements to it.
— Can successfully coordinate, empower, and guide multiple stakeholders and timelines toward a specific goal.
— Experience implementing security standards for a SaaS company that has passed multiple security certifications.
— Experience implementing cloud security standards (ISO 27017, CSA STAR).
— Experience implementing privacy standards (GDPR, ISO 27018).
— Any of the following certifications: CISA, CISSP, CISM, or CCSP.
— Experience with business continuity program and disaster recovery plan implementation.
— Professional growth: We hire people we trust, and we give team members autonomy to do their best work. We also support professional development with training, coaching, and regular feedback.
— A connected team: Grammarly builds products that help people connect, and we apply this mindset to our own team. We have a highly collaborative culture supported by our EAGER values. We also take time to celebrate our colleagues and accomplishments with global, local, and team-specific events and programs.
— Comprehensive benefits: Grammarly offers all team members competitive pay along with a benefits package that includes superior health care. We also offer ample and defined time off, catered lunches, gym and recreation stipends, admission discounts, and more.
You will enable us to execute on our enterprise roadmap by obtaining security certifications that will allow us to expand our market coverage in the enterprise sector. This role is crucial in making Grammarly secure during day-to-day operations.
As a Compliance Analyst, you will:
— Design and maintain Grammarly’s information security controls framework in accordance with the leading security standards.
— Design and implement information security controls with different teams at Grammarly.
— Write and periodically review information security policies.
— Conduct periodic information security risk assessments and business impact analyses.
— Design and implement a company-wide information security awareness program.
— Coordinate and support external information security audits.
— Perform ongoing assessments of vendor security compliance.
Grammarly empowers people to thrive and connect whenever and wherever they communicate. More than 20 million people around the world use our AI-powered writing assistant every day. All of this begins with our team collaborating in a values-driven and learning-oriented environment.