Governance, Risk & Compliance Analyst

FloQast is looking for a GRC Analyst to join our growing Compliance team. This position will support the management of compliance controls, organizational policies, procedures, and standards in support of regulatory compliance needs as well as organizational information security practices. You will advise and build relationships with key team members across multiple core departments, aligning department workflows to build a best-in-class compliance program. 

The Compliance department at FloQast reports directly to the General Counsel and is responsible for ensuring FloQast maintains compliance with an array of security and privacy frameworks, including GDPR, CPRA, ISO 27001, ISO 27701, ISO 42001,  SOC 1, and  SOC 2. We are a team of in-house subject matter experts that advise, direct, train, and monitor the organization, resulting in daily interactions with all departments working together on a variety of unique and interesting business initiatives.

*Visa sponsorship is NOT available at this time

• Manage FloQast's internal controls inventory as new controls are added and existing controls are changed.
• Build upon the controls inventory to ensure control owners, testing procedures, related policies, and other pertinent information is accurately documented and kept up to date
• Work with control owners to ensure process narratives are documented and updated annually for all controls
• Initiate, monitor, and follow up on monthly and quarterly control activities to ensure they are completed on time and proper evidence is documented to meet audit requirements
• Serve as a trusted advisor and advocate for security and compliance, engaging with teams across the company to foster a strong risk-aware culture
• Facilitate the development and maintenance of policies, standards, processes, and guidelines by drafting the documentation update, gathering the appropriate approvals, and reporting on all changes in policy review meetings
• Support annual internal and external ISO 27001, ISO 27701, ISO 42001 SOC 1, SOC 2, and other similar audits by scheduling audit interviews, submitting evidence requests to control owners, following up as needed to obtain evidence on time, reviewing evidence provided for accuracy, and facilitating follow up requests as needed to ensure our audits remain on schedule
• Aggregate identified internal control issues and perform a root cause analysis and collaborate on remediation efforts
• Be an advocate for compliance best practices and the point of contact for stakeholders from departments throughout the company
• Support customer assurance activities, including completion of security questionnaires and participation in customer discussions
• Participate in and contribute to cross-functional project teams
• Any other tasks that may be assigned to help the company meet its goals

• 2+ years of relevant experience 
• Knowledge and familiarity with at least one security, privacy, and compliance practices (SOC 1, SOC 2, ISO 27001, ISO 27701, ISO 42001, PCI, HIPAA, etc)
• Understanding of information security and privacy fundamentals
• Certification preferred in one of the following: CompTIA, CISSP, CISA, CISM, Cloud platforms such as AWS, Azure or GCP 
• Confidence and willingness to ask questions, raise issues, and concerns in a timely manner
• Understanding of AI governance or leveraging AI tools to improve compliance and audit efficiency

• Familiarity with NIST, CIS, and other information security frameworks is a bonus but not required
• Experience working for a software development company is a bonus but not required
• Highly collaborative, detail-oriented, intellectually curious, with strong organizational skills and an authentically friendly demeanor  
• Builder mindset, comfortable sharing ideas, trying new approaches and is focused on achieving team and company short and long term goals
• Flexible and adaptable in high growth, start-up environment

#LI-JP1

The base pay range for this position is $72,000 - $108,000. Compensation is not limited to base salary. FloQast values our Total Rewards, and offers a competitive and elaborate Benefits Package including, but not limited to, Medical, Dental, Vision, Family Forming benefits, Life & Disability Insurance, and Unlimited Vacation. FloQast reserves the right to amend, change, alter, and revise pay ranges and benefits offerings at any time. All applicants acknowledge that by applying to this position you understand that this specific pay range is contingent upon meeting the qualifications and requirements of the role, and for the successful completion of the interview selection and process. It is at the Company's discretion to determine what pay is provided to a candidate within the range associated with the role.

About FloQast:

FloQast is the leading Accounting Transformation Platform in accounting workflow automation created by actual former accountants for accountants. By streamlining and modernizing daily accounting tasks, FloQast helps teams collaborate more effectively and complete their work with greater efficiency and precision. This cloud-based, AI-powered software is trusted by over 3,000 accounting teams, including those at Snowflake, Twilio, Instacart, and The Golden State Warriors—and continues to grow. Our mission is to continuously elevate the accounting profession, enhancing both its practice and perception.

Our values act as a guiding compass, shaping every decision we make, and are non-negotiable, particularly in our hiring process. Alongside our employees, partners, and customers, we embody these values every day:

Unwaveringly Authentic 

Ambitious with Integrity

Empowered to Grow

Committed to Collaboration

Customer Obsessed in All Ways

FloQast is regularly rated as a Best Place to Work!

- Inc. Magazine’s Best Workplaces in 2024, 2023, 2022, and 2021

- Best Places to Work by LA Business Journal since 2017 (that’s 8 years!)

- Built In’s ​​Best Place to Work in Los Angeles 6 years in a row!

Because we are Customer Obsessed in All Ways, check out what our customers have to say about FloQast on G2 Crowd. 

If this aligns closely with what you are looking for, hit “Apply” and come join our growing team!

FloQast, Inc is committed to operating fair and unbiased recruitment procedures allowing all applicants an equal opportunity for employment, free from discrimination on the basis of religion, race, sex, age, sexual orientation, disability, color, ethnic or national origin, or any other classification as may be protected by applicable law. We aim to recruit the right people for the jobs we have to offer, and to assess applications on the basis of relevant skills, education, and experience. We welcome people of different backgrounds, experiences, abilities, and perspectives. We are an equal opportunity employer and strive to provide a professional and welcoming workplace for all employees.

Link to FloQast Recruiting AI Usage Policy