Senior Staff Analyst, GRC

Mozilla · Remote (Remote Spain)
Data & Analytics

WFA Digital Insight

As the demand for skilled GRC professionals continues to rise, with a 25% growth in job openings in 2025, Mozilla's Senior Staff Analyst, GRC role stands out in the remote job market. This position requires a unique blend of technical expertise, business acumen, and collaborative leadership skills. With the increasing importance of cybersecurity and data privacy, candidates with experience in developing and implementing GRC frameworks are in high demand. Before applying, candidates should be aware of the complex regulatory landscape and the need to balance risk management with business objectives. Mozilla's commitment to a safe and secure internet makes this role particularly appealing to those passionate about making a positive impact.

Job Description

About the Role

The Senior Staff Analyst, GRC role is part of the Security Function within the broader Mozilla Infrastructure team. This team supports Product, Enterprise, and GRC functions across the organization, aligning with the mission to build a safe and secure internet. The ideal candidate will be responsible for defining, developing, and helping implement a Governance, Risk, and Compliance framework for both Enterprise and Product verticals.

The role requires a collaborative leader with deep domain expertise in information security, regulatory compliance, risk governance, and cross-functional stakeholder engagement. The successful candidate will have a strong understanding of regulatory frameworks, processes, and tools related to building a robust GRC framework.

Mozilla Corporation is a non-profit-backed technology company that has shaped the internet for the better over the last 25 years. With more than 225 million people around the world using Mozilla's products each month, the company is shaping the next 25 years of technology and helping to reclaim an internet built for people, not companies.

What You Will Do

  • Develop and maintain a comprehensive GRC strategy and roadmap aligned with business objectives.
  • Lead the creation and enforcement of standards, policies, controls, audits, and reporting across various enterprise and product verticals.
  • Develop and operationalize a risk assessment and management framework on a periodic basis to enable prioritization and remediation of critical issues.
  • Define and deliver measurable scorecards and metrics to enable data-driven decision making.
  • Ensure compliance with various regulatory standards and frameworks (ISO, NIST, SOC2, CCPA, GDPR, etc.).
  • Lead internal and external audit activities, including tracking and resolving deficiencies and remediations.
  • Partner closely with Legal, IT, Finance, and Security to align on the GRC program and deliver a cohesive integrated risk management framework.
  • Lead the definition of requirements and reporting (scorecards) for data life cycle management across enterprise and product domains, working with the data platform and legal team.

What We Are Looking For

  • 10+ years of progressive experience in developing and delivering an integrated GRC framework.
  • Strong understanding and deep knowledge of regulatory frameworks, processes, and tools related to building a robust GRC framework.
  • Experience leading and delivering cross-functional projects and stakeholder engagement.
  • Excellent communication, interpersonal, and leadership skills.
  • Ability to balance risk management with business objectives.
  • Experience working in a fast-paced, dynamic environment.
  • Strong analytical and problem-solving skills.

Nice to Have

  • Experience with cloud-based technologies and data platforms.
  • Knowledge of emerging trends and technologies in the field of GRC.
  • Certification in GRC or a related field (e.g., CISA, CISM).
  • Experience working in a non-profit or open-source organization.

Benefits and Perks

  • Competitive salary and benefits package.
  • Opportunity to work with a talented and passionate team.
  • Flexible working hours and remote work options.
  • Access to cutting-edge technologies and tools.
  • Professional development and growth opportunities.
  • Chance to make a positive impact on the internet and society.

How to Stand Out

  • Develop a strong understanding of regulatory frameworks and industry standards to stand out in your application.
  • Highlight your experience in leading cross-functional projects and stakeholder engagement.
  • Be prepared to discuss your approach to risk management and compliance in a dynamic environment.
  • Showcase your ability to balance technical expertise with business acumen and leadership skills.
  • Research Mozilla's mission and values to demonstrate your passion for the company's goals and how you can contribute to them.
  • Prepare examples of your experience with data life cycle management and integrated risk management frameworks.

This is a remote position listed on WFA Digital, the platform for professionals who work from anywhere.