Senior GRC Security and Compliance Analyst

Fast

Jul 14

Build the world's fastest Identity and Checkout products

Company Mission

Our mission is to make buying online faster, safer and easier for everyone. Fast Login and Fast Checkout enable a one-click sign-in and purchasing experience that makes it easier for people to buy and merchants to sell. The company’s products work on any browser, device or platform to deliver a consistent, stress-free purchasing experience. Fast is entirely consumer-focused and invests heavily in its users’ privacy and data security. Headquartered in San Francisco but open to a globally remote workforce, we are a founders-led, privately held company funded by Stripe, Index Ventures, Susa Ventures and other world-class investors.

We are committed to diversity and inclusion, and demonstrate our values through equitable pay, fantastic benefits, and access to all reasonable accommodations. 


Summary

We are looking for a Security & Compliance Analyst to work on our GRC processes. You will work collaboratively with other teams to develop effective metrics and compliance activities. In addition, you will support external and internal auditing, help Sales with pre-sales RFPs, and plan security workshops.

Role

    • Work on PCI, SOC 2 and ISO 27001 compliance projects across multiple teams, including operations, IT and engineering
    • Create internal policy and procedure documents
    • Utilize tools such as Bridgecrew, Tenable, Veracode, StackRox (or AWS ECR) during the vendor questionnaire process
    • Help coordinate external and internal security and compliance audit activities
    • Work cross-functionally to develop and maintain risk and compliance metrics
    • Clearly explain our security and compliance program to third parties, including customers and vendors
    • Keep track of new regulations and industry best practices, and implement continuous improvement
    • Work with legal to develop privacy artifacts such as privacy policies and privacy impact assessments (PIA)

Requirements

    • Knowledge of industry compliance standards as they relate to Software as a Service, such as SOC1, SOC2, PCI DSS, GDPR and CCPA
    • Use of OneTrust or similar platform
    • Technical ability with Veracode, Tenable, Bridgecrew or similar
    • Keen attention to detail and accuracy
    • You must be organized, responsive, and able to gain support and consensus with multiple stakeholders
    • Ability to convey ideas clearly

Bonus

    • Security Certifications
    • Prior e-commerce experience

Benefits and Perks - Because People Matter

    • Comprehensive insurance (paid 99% by the company) with no deductible, and 10 dollar copays
    • Globally remote with flexible work schedules to fit your needs
    • Generous paid parental/family leave for all caregivers, up to 12 weeks
    • 401k with match up to 4%
    • Equity grant
    • People-focused PTO that you determine: time off is there when you want it, when you need it
    • Frequent inclusive events scheduled to allow everyone to express their voice (or dance skills)
    • Monthly exercise and internet stipends, and snacks