Senior Staff Analyst, GRC

Mozilla · Remote
Data & Analytics

WFA Digital Insight

As demand for digital governance specialists grows, Mozilla's Senior Staff Analyst, GRC role stands out in the current remote job market. With a focus on building a safe and secure internet, this position requires a deep understanding of regulatory frameworks and risk management. The ideal candidate will have 10+ years of experience in developing and delivering integrated GRC frameworks, with a strong knowledge of security, privacy, and compliance. Before applying, candidates should be aware of the company's mission-driven approach and the importance of collaboration in this role.

Job Description

About the Role

The Senior Staff Analyst, GRC role is part of the Security Function within the broader Mozilla Infrastructure team. This team supports Product, Enterprise, and GRC functions across the organization, aligned with the mission to build a safe and secure internet. The ideal candidate will be responsible for defining, developing, and helping implement a Governance, Risk, and Compliance framework for both Enterprise and Product verticals.

The Mozilla Corporation is a non-profit-backed technology company that has shaped the internet for the better over the last 25 years. With more than 225 million people around the world using its products each month, the company is shaping the next 25 years of technology and helping to reclaim an internet built for people, not companies.

What You Will Do

  • Develop and maintain a comprehensive GRC strategy and roadmap aligned with business objectives
  • Lead the creation and enforcement of standards, policies, controls, audits, and reporting across various enterprise and product verticals
  • Develop and operationalize a risk assessment and management framework on a periodic basis to enable prioritization and remediation of critical issues
  • Define and deliver measurable scorecards and metrics to enable data-driven decision making
  • Ensure compliance with various regulatory standards and frameworks (ISO, NIST, SOC2, CCPA, GDPR, etc.)
  • Lead internal and external audit activities, including tracking and resolving deficiencies and remediations
  • Partner closely with Legal, IT, Finance, and Security to align on the GRC program and deliver a cohesive integrated risk management framework
  • Lead the definition of requirements and reporting (scorecards) for data life cycle management across enterprise and product domains, working with the data platform and legal teams

What We Are Looking For

  • 10+ years of progressive experience in developing and delivering an integrated GRC framework
  • Strong understanding and deep knowledge of regulatory frameworks, processes, and tools related to building a robust GRC framework
  • Experience leading and delivering cross-functional stakeholder engagement
  • Collaborative leadership skills with the ability to work with various teams and stakeholders
  • Strong analytical and problem-solving skills
  • Excellent communication and reporting skills

Nice to Have

  • Experience with security, privacy, and risk management initiatives
  • Knowledge of open-source software and technology
  • Experience working in a remote or distributed team environment

Benefits and Perks

  • Competitive salary and benefits package
  • Opportunity to work with a mission-driven organization
  • Collaborative and dynamic work environment
  • Professional development and growth opportunities
  • Flexible working hours and remote work options

How to Stand Out

  • Be prepared to discuss your experience with GRC frameworks and regulatory compliance
  • Highlight your ability to collaborate with cross-functional teams and stakeholders
  • Show examples of your analytical and problem-solving skills in your portfolio or resume
  • Research Mozilla's mission and values to understand the company's approach to GRC and security
  • Be prepared to discuss your experience with risk management and audit activities
  • Consider highlighting any relevant certifications or training in GRC, security, or compliance

This is a remote position listed on WFA Digital, the platform for professionals who work from anywhere.