Senior Staff Analyst, GRC

The Senior Staff Analyst, GRC at Mozilla is a key member of the Security Function within the Infrastructure team. This role is pivotal in developing and implementing a comprehensive Governance, Risk, and Compliance (GRC) framework across both enterprise and product verticals. The position aligns with Mozilla's mission to build a safe and secure internet, ensuring that security, privacy, regulatory, and risk management initiatives are integrated throughout the organization.

Key responsibilities include developing and maintaining a GRC strategy and roadmap aligned with business objectives. The analyst will lead the creation and enforcement of standards, policies, controls, audits, and reporting across various enterprise and product areas. Additionally, the role involves operationalizing a risk assessment and management framework to prioritize and remediate critical issues, as well as ensuring compliance with regulatory standards such as ISO, NIST, SOC2, CCPA, and GDPR. Collaboration with Legal, IT, Finance, and Security teams is essential to deliver a cohesive integrated risk management framework.

Candidates should possess over 10 years of experience in developing and delivering integrated GRC frameworks. A strong understanding of regulatory frameworks, processes, and tools related to building robust GRC structures is required. Experience in leading cross-functional requirements for product and enterprise teams to implement compliance controls is essential. Relevant industry certifications such as CISA, CISSP, CISM, or CRISC are highly desirable. Proficiency with technologies and tools like SEIM and BI Tools, along with strong critical thinking skills and the ability to drive long-term organizational impact, are also important.

Mozilla offers a generous performance-based bonus plan, rich medical, dental, and vision coverage, and generous retirement contributions with immediate vesting. Employees enjoy quarterly all-company wellness days, country-specific holidays plus a day off for their birthday, a one-time home office stipend, an annual professional development budget, and a quarterly well-being stipend. Considerable paid parental leave and an employee referral bonus program are also part of the benefits package.

Working at Mozilla provides an opportunity to make a significant impact on the internet and its users worldwide. The company prioritizes people and their privacy over profits, aiming to make the internet a healthier, happier place for everyone. Employees are encouraged to challenge assumptions, be transparent, and collaborate with diverse teams, fostering a culture of exploration and continuous learning.