Senior Staff Analyst, GRC

The Senior Staff Analyst, GRC at Mozilla is a pivotal role within the Security Function of the Infrastructure team. This position is dedicated to developing and implementing a comprehensive Governance, Risk, and Compliance (GRC) framework across both enterprise and product verticals. Mozilla, renowned for its commitment to an open and accessible internet, seeks a collaborative leader to align security, privacy, regulatory, and risk management initiatives organization-wide.

Key responsibilities include crafting and maintaining a GRC strategy aligned with business objectives, establishing and enforcing standards, policies, controls, and audits across various sectors. The role involves developing a risk assessment framework to prioritize and address critical issues, ensuring compliance with regulatory standards such as ISO, NIST, SOC2, CCPA, and GDPR. Additionally, the analyst will lead internal and external audit activities and collaborate closely with Legal, IT, Finance, and Security teams to deliver an integrated risk management framework.

Candidates should possess over 10 years of experience in developing and delivering integrated GRC frameworks, with a strong understanding of regulatory processes and tools. Relevant industry certifications like CISA, CISSP, CISM, or CRISC are essential. Proficiency with technologies such as SIEM and BI tools, along with the ability to develop root cause analyses and remediation plans, is required. Strong critical thinking skills and the capacity to influence diverse stakeholders are also vital.

Mozilla offers a generous performance-based bonus plan, comprehensive medical, dental, and vision coverage, and substantial retirement contributions with immediate vesting. Employees enjoy quarterly wellness days, country-specific holidays plus a birthday off, a one-time home office stipend, and an annual professional development budget. Additional benefits include a quarterly well-being stipend, considerable paid parental leave, and an employee referral bonus program.

Joining Mozilla means contributing to a mission-driven organization that prioritizes people and their privacy over profits. The company fosters a culture of exploration and mentorship, offering opportunities to make a significant impact on the internet's future. With a diverse and inclusive environment, Mozilla encourages applications from all equity-seeking communities.