Senior Compliance and Risk Analyst

About the team & opportunity

Our Compliance and Risk team is a strategic partner that enables the business to grow securely and responsibly. We work across Engineering, Security, Product, Legal, HR, and Business Operations to build scalable compliance and risk programs that support innovation while maintaining customer trust.

As a Senior Compliance and Risk Analyst, you will own and mature our compliance program, ensuring the organization maintains certifications such as SOC 2 and ISO 27001 while building scalable, automated processes that support a rapidly growing SaaS business.

This is a high-impact role for someone who enjoys both strategy and execution. You'll design and operationalize controls, strengthen our common controls framework, optimize compliance automation, and embed compliance into business processes and product development. Beyond maintaining audit readiness, you'll help shape how compliance evolves as the organization grows, driving continuous improvement and fostering a proactive culture of risk management.

A day in the life of a Senior Compliance and Risk Analyst

• Own and manage the organization's compliance program, including SOC 2 and ISO 27001 readiness, certification, and ongoing maintenance.
• Develop and execute a compliance roadmap aligned with business objectives, regulatory requirements, and organizational risk appetite.
• Lead internal and external audits by coordinating evidence collection, managing auditor relationships, and driving timely remediation of findings.
• Monitor changes in regulatory and industry frameworks, assessing their impact on the organization's compliance program.
• Own the enterprise risk management process, including risk identification, assessment, treatment planning, and ongoing monitoring.
• Conduct periodic risk assessments and partner with stakeholders to identify control gaps and prioritize remediation activities.
• Develop and present compliance metrics, risk dashboards, and executive reports for senior leadership.
• Design, document, and improve internal controls aligned with SOC 2, ISO 27001, and other applicable frameworks.
• Lead control testing, including evidence collection, effectiveness validation, remediation tracking, and continuous improvement.
• Expand and mature the organization's common controls framework to support evolving compliance requirements.
• Administer and optimize compliance automation platforms, improving workflow efficiency and reducing manual effort.
• Perform User Access Reviews (UARs) and support continuous compliance monitoring through automation and reporting.
• Partner with Engineering, Security, Product, Legal, HR, and Operations to integrate compliance into business processes and product development.
• Develop training, playbooks, and self-service resources that empower teams to meet compliance requirements efficiently.
• Manage multiple compliance initiatives simultaneously while ensuring projects remain on schedule and stakeholders stay informed.

What do we need from you?

• 5+ years of experience in compliance, risk management, audit, or Governance, Risk, and Compliance (GRC) roles within a technology or SaaS environment.
• Experience owning or leading compliance programs su