[Hiring] Senior Analyst, Governance Risk and Compliance @Demandbase

Role Description

As a Senior GRC Analyst, you will play a key role in advancing Demandbase’s global Governance, Risk, and Compliance (GRC) program. This role requires a balance of hands-on execution and independent judgment, ensuring that compliance requirements are not only met, but translated into meaningful risk management outcomes.

Reporting to the Senior Director of GRC, you will work cross-functionally to drive audit readiness, assess risk, and strengthen the company’s security and compliance posture. You will be expected to operate with a high degree of independence, taking ownership of work from initial assessment through final validation and closure.

This is an opportunity to contribute directly to a growing global security program and build deep expertise across governance, risk, compliance, and emerging domains such as AI assurance.

Roles & Responsibilities

• Execution & Ownership
  • Independently execute audit and compliance activities, including walkthroughs, control testing, and evidence review.
  • Drive audit findings and remediation efforts through to completion, ensuring issues are fully validated and appropriately closed.
  • Take ownership of deliverables and ensure they are complete, accurate, and ready for use without rework.
  • Identify gaps during execution and proactively drive resolution or escalate where needed.
• Risk Analysis & Decision Support
  • Analyze risk and compliance data to identify trends, gaps, and areas of concern.
  • Translate findings into clear, prioritized actions that can inform business decisions.
  • Move beyond reporting to ensure outputs are actionable and tied directly to risk outcomes.
  • Provide input into risk posture and help guide where attention and resources should be focused.
• Framework Application & Practical Implementation
  • Apply working knowledge of frameworks such as ISO 27001, ISO 27701, ISO 42001, SOC 2, and NIST to real-world scenarios.
  • Translate control requirements into practical implementation steps for technical and business teams.
  • Ensure controls are not only documented, but operationally effective and aligned to risk.
• Policy & Documentation Management
  • Maintain and update policies and documentation with a focus on accuracy, clarity, and usability.
  • Perform end-to-end validation of documentation, including verifying links, references, and consistency.
  • Identify and clearly communicate gaps in documentation, even when ownership resides with another team.
  • Ensure documentation reflects current state and supports audit and compliance needs.
• Cross-Functional Collaboration
  • Work with engineering, product, and business teams to drive compliance outcomes.
  • Communicate clearly with both technical and non-technical stakeholders.
  • Navigate ambiguity and move work forward by identifying next steps and removing blockers.
  • Balance collaboration with ownership of outcomes, not just coordination.

Qualifications

• 4–8+ years of experience in Governance, Risk, Compliance, Security, or Audit roles.
• Strong working knowledge of ISO, SOC 2, and/or NIST frameworks.
• Experience supporting or executing audit and compliance activities.
• Ability to evaluate evidence and determine whether it adequately addresses risk.
• Strong analytical skills with the ability to move from data to insight to action.
• Clear and confident communication skills across global teams.
• Candidates should demonstrate prior experience independently owning and driving audit, risk, or compliance work to completion, including validating deliverables and determining next steps without relying on continuous direction.
• Bachelor’s or Master’s degree in Computer Science, Information Systems, Information Security, or a related field.

Preferred

• Experience in a SaaS or technology company.
• Experience with GRC tools (Hyperproof, Vanta, MetricStream, etc.).
• Exposure to AI governance, third-party risk, or security reviews.
• Relevant certifications such as CISA, CISM, CRISC, ISO 27001 Lead Auditor/Implementer, or equivalent are preferred, but not required.

Benefits

• Group Medical, Personal Accident, and Term Life Insurance for comprehensive protection.
• Preventive healthcare covers dental, vision, and OPD needs, complemented by strong mental health support.
• Fitness benefit, car lease policy, and gratuity for long-term financial well-being.