Senior Staff Analyst, GRC

The Senior Staff Analyst, GRC at Mozilla is a key member of the Security Function within the Infrastructure team. This role focuses on developing and implementing a comprehensive Governance, Risk, and Compliance (GRC) framework across both Enterprise and Product verticals. The position is integral to Mozilla's mission of building a safe and secure internet, aligning security, privacy, regulatory, and risk management initiatives throughout the organization.

Key responsibilities include developing and maintaining a GRC strategy aligned with business objectives, leading the creation and enforcement of standards, policies, controls, audits, and reporting across various enterprise and product verticals. The role also involves developing and operationalizing a risk assessment and management framework to prioritize and remediate critical issues, ensuring compliance with regulatory standards such as ISO, NIST, SOC2, CCPA, and GDPR, and leading internal and external audit activities. Additionally, the analyst will collaborate closely with Legal, IT, Finance, and Security teams to deliver a cohesive integrated risk management framework and define requirements and reporting for data lifecycle management across enterprise and product domains.

Candidates should have over 10 years of progressive experience in developing and delivering an integrated GRC framework, with a strong understanding of regulatory frameworks, processes, and tools related to building a robust GRC framework. Experience in leading cross-functional requirements for product and enterprise teams to implement controls and measures to meet compliance requirements is essential. Relevant industry certifications such as CISA, CISSP, CISM, or CRISC are required. The role also demands hands-on experience with various technologies and tools, the ability to develop Root Cause Analysis and remediation plans, strong critical thinking skills, a bias for action, and the ability to collaborate and influence a diverse group of stakeholders.

Mozilla offers generous performance-based bonus plans, rich medical, dental, and vision coverage, generous retirement contributions with immediate vesting, quarterly all-company wellness days, country-specific holidays plus a day off for your birthday, a one-time home office stipend, an annual professional development budget, a quarterly well-being stipend, considerable paid parental leave, and an employee referral bonus program. Other benefits vary by country.