Staff Technology Compliance GRC Analyst
Welcome to the Global Enterprise Security Team! As a core member of our security team, you will support our Security Governance, Risk, and Compliance (GRC) initiatives and build capabilities that will contribute to reducing our overall security risk footprint. Your efforts will also contribute to building trust and assurance with the Discord user community. In order to help the Security team scale, we will need your help with building GRC processes to improve our ability to proactively handle GRC-related initiatives, while collaborating cross-functionally across much of Discord.
What you'll be doing
- Tech Compliance: Manage existing and upcoming portfolio of attestations and audits (PCI L1)
- Policy and Controls: Develop security policy and common control rollout
- Customer Trust and Assurance: Respond to security questionnaires, contract asks across products and corp
- ITGC SOX: Focus on technology portion of SOX program
- Enterprise BCP: Business continuity planning, impact analysis, and reporting
- Risk Management and Reporting: Security risk tracking and reporting, building and maintaining the risk catalog, audits and assessments including audit committee/board content
- Training and Awareness: Build security training and awareness program for the company, including role-based access, customer data access trainings, etc.
- Vendor Risk Management: Supplier Security Risk Management and reviews
What you should have
- Prior experience working on a Security and Compliance team at a SaaS/cloud company or as an auditor at a Big 4 firm
- 6+ years of direct GRC experience
- Experience working with product security, security operations/IR, and infrastructure security teams
- Excellent written and verbal communication skills, and experience working on remote teams
- Ability to prioritize and track multiple projects in parallel
- Knowledge of security compliance challenges in open source and DevOps environments, as they pertain to compliance audits
- Highly responsive, with a customer-first mindset
- Automation and GRC tech implementation experience
New York City residents only: Minimum salary of $179,000/year + equity and benefits
*Note: Disclosure as required by NYC Pay Transparency Law.
Colorado residents only: Minimum salary of $143,200/year + equity and benefits
*Note: Disclosure as required by sb19-085(8-5-20).
Benefits and Perks
- Comprehensive medical insurance including Health, Dental and Vision (plus up to $20,000 for gender affirmation procedures)
- Mental health resources and quarterly wellness stipends
- 16+ paid holidays, 4 weeks of PTO + use-what-you-need sick days
- Paid parental leave (plus fertility, adoption and other family planning benefits)
- Flexible long-term work options (remote and hybrid)
- Volunteer time off
- A diverse slate of Employee Resource Groups
- Plus commuter contributions and other perks for office-based employees
Discord is a voice, video and text app that helps friends and communities come together to hang out and explore their interests — from artists and activists, to study groups, sneakerheads, plant parents, and more. With 150 million monthly users across 19 million active communities, called servers, Discord has grown to become one of the most popular communications services in the world. Discord was built without selling ads or user data and instead, offers a premium subscription called Nitro that gives users special perks like higher quality streams and fun customizations.
We’re working toward an inclusive world where no one feels like an outsider, where genuine human connection is a click, text chat, or voice call away. A place where everyone can find belonging. Challenging? Heck yes. Rewarding? Double heck yes. It’s a mission that gives us the chance to positively impact millions of people all over the world. So if this strikes a chord with you, come build belonging with us!