CrowdStrike
Governance, Risk, and Compliance Specialist - Customer Assurance (Remote)
As a global leader in cybersecurity, CrowdStrike protects the people, processes and technologies that drive modern organizations. Since 2011, our mission hasn’t changed — we’re here to stop breaches, and we’ve redefined modern security with the world’s most advanced AI-native platform. Our customers span all industries, and they count on CrowdStrike to keep their businesses running, their communities safe and their lives moving forward. We’re also a mission-driven company. We cultivate a culture that gives every CrowdStriker both the flexibility and autonomy to own their careers. We’re always looking to add talented CrowdStrikers to the team who have limitless passion, a relentless focus on innovation and a fanatical commitment to our customers, our community and each other. Ready to join a mission that matters? The future of cybersecurity starts with you.
About the Role:
The Governance, Risk, and Compliance Specialist is charged with assisting in the identification, assessment, measurement, monitoring, and reporting of risk through CrowdStrike’s Governance, Risk, and Compliance (GRC) program. The GRC Specialist’s primary function will involve supporting CrowdStrike’s customer assurance program, including responding to customer security assessments and maintaining CrowdStrike’s trust portal. This position may also be called to support GRC functions in relation to audit and compliance of CrowdStrike’s products and third parties including vendors and partners.
What You'll Do:
The ideal candidate will be up to the challenge of understanding current technologies and processes while being continuously on the lookout for innovative and flexible ways to automate processes that support a fast-paced, secure, and empowered environment.
This role covers customer assurance, audit, and compliance in the context of security and privacy within enterprise-wide operational areas such as:
Responding to CrowdStrike and customer questions regarding GRC, information security, privacy, and related topics;
Assisting with internal and external audits and assessments including control assessment, monitoring, and reporting including collection and organization of evidence;
Working with various internal teams and external parties to define and prioritize remediation efforts, tracking remediation activities, and inspecting/validating solutions that have been implemented;
Conducting third party controls evaluation to determine risk; and
Performing other duties within the scope of governance, risk, and compliance as needed.
What You’ll Need:
Practical experience with policy and regulatory mandates such as SOC 1/SOC 2, CSA-CCM, ISO27001/27002/22301/27017/42001, GDPR, CCPA, PCI-DSS, the NIST Risk Management Framework, and associated standards such as NIST SP(s) 800-34/800-53 Revision 5/800-171, FedRAMP, CMMC 2.0;
Understanding of Third Party Risk Management concepts such as organizational risk impact, determining data classification, evaluating control implementations, and assessing adequacy of compensating controls;
Experience in typical office applications including Microsoft Word, Excel, and the Google Workspace Suite;
Fundamental technical understanding of key technologies such as Windows, Linux, and Apple operating systems, networks, application development, databases, virtualization, and cloud infrastructures; and
3-5 years relevant experience, or a BA or BS / MA or MS degree in a related field (e.g. Computer Science, Data Analytics, Cybersecurity).
Bonus Points:
Practical experience in programming languages including JavaScript,Python or similar.
Project management experience in scoping, work break-down, critical path analysis, resourcing, managing time estimates, project risks, and quality.
Ability to think strategically about risks and tie those risks to tactical organizational activities.
Experience with a cloud environment and the CrowdStrike products or services.
Open to learning and working on new domains and technology.
#LI-Remote
#LI-DL1
Benefits of Working at CrowdStrike:
Remote-friendly and flexible work culture
Market leader in compensation and equity awards
Comprehensive physical and mental wellness programs
Competitive vacation and holidays for recharge
Paid parental and adoption leaves
Professional development opportunities for all employees regardless of level or role
Employee Networks, geographic neighborhood groups, and volunteer opportunities to build connections
Vibrant office culture with world class amenities
Great Place to Work Certified™ across the globe
CrowdStrike is proud to be an equal opportunity employer. We are committed to fostering a culture of belonging where everyone is valued for who they are and empowered to succeed. We support veterans and individuals with disabilities through our affirmative action program.
CrowdStrike is committed to providing equal employment opportunity for all employees and applicants for employment. The Company does not discriminate in employment opportunities or practices on the basis of race, color, creed, ethnicity, religion, sex (including pregnancy or pregnancy-related medical conditions), sexual orientation, gender identity, marital or family status, veteran status, age, national origin, ancestry, physical disability (including HIV and AIDS), mental disability, medical condition, genetic information, membership or activity in a local human rights commission, status with regard to public assistance, or any other characteristic protected by law. We base all employment decisions--including recruitment, selection, training, compensation, benefits, discipline, promotions, transfers, lay-offs, return from lay-off, terminations and social/recreational programs--on valid job requirements.
If you need assistance accessing or reviewing the information on this website or need help submitting an application for employment or requesting an accommodation, please contact us at [email protected] for further assistance.
Find out more about your rights as an applicant.
CrowdStrike participates in the E-Verify program.
Notice of E-Verify Participation
Right to Work
CrowdStrike, Inc. is committed to fair and equitable compensation practices. Placement within the pay range is dependent on a variety of factors including, but not limited to, relevant work experience, skills, certifications, job level, supervisory status, and location. The base salary range for this position for all U.S. candidates is $85,000 - $120,000 per year, with eligibility for bonuses, equity grants and a comprehensive benefits package that includes health insurance, 401k and paid time off.For detailed information about the U.S. benefits package, please click here.
Expected Close Date of Job Posting is:12-20-2025Top Skills
Similar Jobs at CrowdStrike
What you need to know about the Boston Tech Scene
Key Facts About Boston Tech
- Number of Tech Workers: 269,000; 9.4% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Thermo Fisher Scientific, Toast, Klaviyo, HubSpot, DraftKings
- Key Industries: Artificial intelligence, biotechnology, robotics, software, aerospace
- Funding Landscape: $15.7 billion in venture capital funding in 2024 (Pitchbook)
- Notable Investors: Summit Partners, Volition Capital, Bain Capital Ventures, MassVentures, Highland Capital Partners
- Research Centers and Universities: MIT, Harvard University, Boston College, Tufts University, Boston University, Northeastern University, Smithsonian Astrophysical Observatory, National Bureau of Economic Research, Broad Institute, Lowell Center for Space Science & Technology, National Emerging Infectious Diseases Laboratories
