Toast Logo

Toast

Lead Technical Governance Analyst

Posted 6 Days Ago
Be an Early Applicant
In-Office
Dublin
Senior level
In-Office
Dublin
Senior level
Lead the Technical Governance function, implement security controls, oversee GRC programs, and align technical requirements with business objectives.
The summary above was generated by AI

The Technical Governance, Risk and Compliance (Technical GRC) team enables the growth of Toast as we build secure products and enter new markets, while meeting industry and regulatory requirements. Our team is a second line function, providing oversight and leadership to a first line team that is designed for high velocity product innovation and development.

We are looking for a new member of the team to grow our Technical Governance function which works in partnership with the Technical Risk and Compliance teams as we engage 1st line business and engineering teams to design scalable governance processes and frameworks that will further mature our cybersecurity programs.

The successful candidate will report directly to the leader of Technical Governance, who is responsible for maintaining Toast’s Technical Governance program across the privacy and IT security domains. They will work closely with team members across all areas of the business that touch sensitive data or who have influence over system controls. Ultimately this role serves as a crucial liaison, translating complex technical and security requirements into actionable strategies that align with business objectives and regulatory compliance.

About this roll* (Responsibilities) 

  • Collaborate with cross-functional teams to implement technical controls in accordance with PCI DSS, SOC, SOX IT and NIST requirements.
  • Provide administrative support for GRC training and awareness programs
  • Contribute to the preparation of reports on GRC metrics and findings
  • Participate in technical design discussions, evaluate security properties of systems and services, drive risk decisions, and influence technical architecture
  • Interpret and communicate security and compliance constraints to key stakeholders
  • Serve as the primary information security point of contact for business units, translating existing security policies and controls into practical guidance and real-world recommendations.
  • Serve as a liaison between the InfoSec team and business units. Ensure InfoSec understands business-specific requirements and that security measures align with business objectives.
  • Provide consultation and guidance on IT security architecture and data handling practices for current and upcoming projects within the business unit, ensuring alignment with organizational security policies.
  • Participate in cybersecurity maturity assessments, identifying and supporting the management and mitigation of security risks specific to the assigned Lines of Business.
  • Stay informed on emerging cybersecurity threats and industry trends, providing insights and recommendations relevant to the assigned business unit's operations.
  • Foster accountability by ensuring business units actively participate in and take ownership of their specific cybersecurity posture and data security responsibilities.

Do you have the right ingredients*? (Requirements)

  • Minimum of 8 years of related experience with a Bachelor’s degree; or 6 years and a Master’s degree; or equivalent experience in Cybersecurity, GRC, IT security, or a related field.
  • Experience supporting Governance, Risk and Compliance programs inside fast growing companies.
  • Knowledge of IT General Control requirements, scoping, control design, control implementation,
  • Experience with IT-related audits (PCI, SSAE18, ISO27001) and balancing the needs of the business with external audit requirements
  • Experience maintaining and maturing technical governance programs
  • A strong understanding of cloud computing architectures and security patterns
  • High levels of curiosity, persistence, and a grounded approach to getting things done
  • Experience designing controls and stewarding implementation/maintenance with IT and business owners in alignment with industry privacy and security standards (e.g. NIST 800-53, ISO 27001, GDPR, CCPA/CPRA)
  • Experience in using automation and data analytics to enable effectiveness and efficiencies in GRC programs

Our Spread* of Total Rewards
We strive to provide competitive compensation and benefits programs that help to attract, retain, and motivate the best and brightest people in our industry. Our total rewards package goes beyond great earnings potential and provides the means to a healthy lifestyle with the flexibility to meet Toasters’ changing needs. Learn more about our benefits at https://careers.toasttab.com/toast-benefits.

*Bread puns encouraged but not required


Diversity, Equity, and Inclusion is Baked into our Recipe for Success

At Toast, our employees are our secret ingredient—when they thrive, we thrive. The restaurant industry is one of the most diverse, and we embrace that diversity with authenticity, inclusivity, respect, and humility. By embedding these principles into our culture and design, we create equitable opportunities for all and raise the bar in delivering exceptional experiences.

We Thrive Together

We embrace a hybrid work model that fosters in-person collaboration while valuing individual needs. Our goal is to build a strong culture of connection as we work together to empower the restaurant community. To learn more about how we work globally and regionally, check out: https://careers.toasttab.com/locations-toast.

Apply today!

Toast is committed to creating an accessible and inclusive hiring process. As part of this commitment, we strive to provide reasonable accommodations for persons with disabilities to enable them to access the hiring process. If you need an accommodation to access the job application or interview process, please contact [email protected].

------

For roles in the United States, It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.

Top Skills

Ccpa/Cpra
Gdpr
Iso27001
Nist
Pci Dss
Soc
Sox It
HQ

Toast Boston, Massachusetts, USA Office

Toast’s headquarters is located in the heart of the Seaport District. Toasters are surrounded by art, culture, and delicious cuisine in one of the most bustling neighborhoods in Boston.

Similar Jobs at Toast

Yesterday
In-Office
Dublin, IRL
Mid level
Mid level
Cloud • Fintech • Food • Information Technology • Software • Hospitality
As an Engineering Manager, you'll oversee the development of the Payments Reporting & Data platform, collaborating with teams, mentoring engineers, and ensuring quality and alignment with company goals.
Top Skills: SaaS
Yesterday
In-Office
Dublin, IRL
Senior level
Senior level
Cloud • Fintech • Food • Information Technology • Software • Hospitality
The Staff Software Engineer will lead the design and development of Android-based payment integrations, collaborating with cross-functional teams to enhance Toast's payment solutions.
Top Skills: AndroidCoroutinesEmv StandardsFlowJetpackKotlinPci-Dss
3 Days Ago
In-Office
Dublin, IRL
Mid level
Mid level
Cloud • Fintech • Food • Information Technology • Software • Hospitality
Lead a team of Android engineers to develop a smart upsell platform within Toast's POS, ensuring high-quality deliverables and mentoring team members.
Top Skills: DynamoDBEspressoGraphQLJavaKotlinPostgresReactSeleniumStorybookTailwind

What you need to know about the Boston Tech Scene

Boston is a powerhouse for technology innovation thanks to world-class research universities like MIT and Harvard and a robust pipeline of venture capital investment. Host to the first telephone call and one of the first general-purpose computers ever put into use, Boston is now a hub for biotechnology, robotics and artificial intelligence — though it’s also home to several B2B software giants. So it’s no surprise that the city consistently ranks among the greatest startup ecosystems in the world.

Key Facts About Boston Tech

  • Number of Tech Workers: 269,000; 9.4% of overall workforce (2024 CompTIA survey)
  • Major Tech Employers: Thermo Fisher Scientific, Toast, Klaviyo, HubSpot, DraftKings
  • Key Industries: Artificial intelligence, biotechnology, robotics, software, aerospace
  • Funding Landscape: $15.7 billion in venture capital funding in 2024 (Pitchbook)
  • Notable Investors: Summit Partners, Volition Capital, Bain Capital Ventures, MassVentures, Highland Capital Partners
  • Research Centers and Universities: MIT, Harvard University, Boston College, Tufts University, Boston University, Northeastern University, Smithsonian Astrophysical Observatory, National Bureau of Economic Research, Broad Institute, Lowell Center for Space Science & Technology, National Emerging Infectious Diseases Laboratories

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account